From edb31656fcd1a952f092c6a7639b694b048fed06 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Thu, 23 Jan 2025 09:40:48 +0100 Subject: [PATCH] feat: tools as components (#1235) fixes #1233 --------- Signed-off-by: Jan Kowalleck --- HISTORY.md | 14 +- package.json | 2 +- src/builders.ts | 33 ++- src/cli.ts | 5 +- ...gistry_npm10_node18_macos-latest.snap.json | 125 +++++---- ...istry_npm10_node18_ubuntu-latest.snap.json | 125 +++++---- ...stry_npm10_node18_windows-latest.snap.json | 125 +++++---- ...stry_npm10_node22_windows-latest.snap.json | 125 +++++---- ...gistry_npm11_node20_macos-latest.snap.json | 127 +++++---- ...istry_npm11_node20_ubuntu-latest.snap.json | 127 +++++---- ...stry_npm11_node20_windows-latest.snap.json | 127 +++++---- ...stry_npm11_node22_windows-latest.snap.json | 127 +++++---- ...gistry_npm6_node14_ubuntu-latest.snap.json | 125 +++++---- ...istry_npm6_node14_windows-latest.snap.json | 125 +++++---- ...egistry_npm6_node16_macos-latest.snap.json | 125 +++++---- ...istry_npm6_node22_windows-latest.snap.json | 125 +++++---- ...gistry_npm7_node14_ubuntu-latest.snap.json | 125 +++++---- ...istry_npm7_node14_windows-latest.snap.json | 125 +++++---- ...egistry_npm7_node16_macos-latest.snap.json | 125 +++++---- ...istry_npm7_node22_windows-latest.snap.json | 125 +++++---- ...gistry_npm8_node14_ubuntu-latest.snap.json | 125 +++++---- ...istry_npm8_node14_windows-latest.snap.json | 125 +++++---- ...egistry_npm8_node16_macos-latest.snap.json | 125 +++++---- ...istry_npm8_node22_windows-latest.snap.json | 125 +++++---- ...egistry_npm9_node16_macos-latest.snap.json | 125 +++++---- ...gistry_npm9_node16_ubuntu-latest.snap.json | 125 +++++---- ...istry_npm9_node16_windows-latest.snap.json | 125 +++++---- ...istry_npm9_node22_windows-latest.snap.json | 125 +++++---- ...encies_npm10_node18_macos-latest.snap.json | 123 +++++---- ...ncies_npm10_node18_ubuntu-latest.snap.json | 123 +++++---- ...cies_npm10_node18_windows-latest.snap.json | 123 +++++---- ...encies_npm11_node20_macos-latest.snap.json | 125 +++++---- ...ncies_npm11_node20_ubuntu-latest.snap.json | 125 +++++---- ...cies_npm11_node20_windows-latest.snap.json | 125 +++++---- ...cies_npm11_node22_windows-latest.snap.json | 125 +++++---- ...dencies_npm6_node14_macos-latest.snap.json | 123 +++++---- ...encies_npm6_node14_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm6_node14_windows-latest.snap.json | 123 +++++---- ...dencies_npm7_node14_macos-latest.snap.json | 123 +++++---- ...encies_npm7_node14_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm7_node14_windows-latest.snap.json | 123 +++++---- ...dencies_npm8_node14_macos-latest.snap.json | 123 +++++---- ...encies_npm8_node14_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm8_node14_windows-latest.snap.json | 123 +++++---- ...dencies_npm9_node16_macos-latest.snap.json | 123 +++++---- ...encies_npm9_node16_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm9_node16_windows-latest.snap.json | 123 +++++---- ...om-git_npm10_node18_macos-latest.snap.json | 135 +++++---- ...m-git_npm10_node18_ubuntu-latest.snap.json | 135 +++++---- ...-git_npm10_node18_windows-latest.snap.json | 135 +++++---- ...om-git_npm7_node14_ubuntu-latest.snap.json | 135 +++++---- ...rom-git_npm7_node16_macos-latest.snap.json | 135 +++++---- ...om-git_npm7_node16_ubuntu-latest.snap.json | 135 +++++---- ...m-git_npm7_node18_windows-latest.snap.json | 135 +++++---- ...om-git_npm8_node14_ubuntu-latest.snap.json | 135 +++++---- ...rom-git_npm8_node16_macos-latest.snap.json | 135 +++++---- ...om-git_npm8_node16_ubuntu-latest.snap.json | 135 +++++---- ...m-git_npm8_node20_windows-latest.snap.json | 135 +++++---- ...rom-git_npm9_node16_macos-latest.snap.json | 135 +++++---- ...om-git_npm9_node16_ubuntu-latest.snap.json | 135 +++++---- ...m-git_npm9_node18_windows-latest.snap.json | 135 +++++---- ...m-git_npm9_node22_windows-latest.snap.json | 135 +++++---- ...encies_npm10_node18_macos-latest.snap.json | 123 +++++---- ...ncies_npm10_node18_ubuntu-latest.snap.json | 123 +++++---- ...cies_npm10_node18_windows-latest.snap.json | 123 +++++---- ...encies_npm10_node22_macos-latest.snap.json | 123 +++++---- ...ncies_npm10_node22_ubuntu-latest.snap.json | 123 +++++---- ...cies_npm10_node22_windows-latest.snap.json | 123 +++++---- ...encies_npm11_node20_macos-latest.snap.json | 125 +++++---- ...ncies_npm11_node20_ubuntu-latest.snap.json | 125 +++++---- ...cies_npm11_node20_windows-latest.snap.json | 125 +++++---- ...cies_npm11_node22_windows-latest.snap.json | 125 +++++---- ...dencies_npm6_node14_macos-latest.snap.json | 123 +++++---- ...encies_npm6_node14_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm6_node14_windows-latest.snap.json | 123 +++++---- ...dencies_npm6_node22_macos-latest.snap.json | 123 +++++---- ...encies_npm6_node22_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm6_node22_windows-latest.snap.json | 123 +++++---- ...dencies_npm7_node14_macos-latest.snap.json | 123 +++++---- ...encies_npm7_node14_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm7_node14_windows-latest.snap.json | 123 +++++---- ...dencies_npm7_node22_macos-latest.snap.json | 123 +++++---- ...encies_npm7_node22_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm7_node22_windows-latest.snap.json | 123 +++++---- ...dencies_npm8_node14_macos-latest.snap.json | 123 +++++---- ...encies_npm8_node14_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm8_node14_windows-latest.snap.json | 123 +++++---- ...dencies_npm8_node22_macos-latest.snap.json | 123 +++++---- ...encies_npm8_node22_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm8_node22_windows-latest.snap.json | 123 +++++---- ...dencies_npm9_node16_macos-latest.snap.json | 123 +++++---- ...encies_npm9_node16_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm9_node16_windows-latest.snap.json | 123 +++++---- ...dencies_npm9_node22_macos-latest.snap.json | 123 +++++---- ...encies_npm9_node22_ubuntu-latest.snap.json | 123 +++++---- ...ncies_npm9_node22_windows-latest.snap.json | 123 +++++---- ...e-shop_npm10_node18_macos-latest.snap.json | 125 +++++---- ...-shop_npm10_node18_ubuntu-latest.snap.json | 125 +++++---- ...shop_npm10_node18_windows-latest.snap.json | 125 +++++---- ...e-shop_npm11_node20_macos-latest.snap.json | 125 +++++---- ...-shop_npm11_node20_ubuntu-latest.snap.json | 125 +++++---- ...shop_npm11_node20_windows-latest.snap.json | 125 +++++---- ...ce-shop_npm7_node16_macos-latest.snap.json | 125 +++++---- ...e-shop_npm7_node16_ubuntu-latest.snap.json | 125 +++++---- ...-shop_npm7_node16_windows-latest.snap.json | 125 +++++---- ...ce-shop_npm8_node16_macos-latest.snap.json | 125 +++++---- ...e-shop_npm8_node16_ubuntu-latest.snap.json | 125 +++++---- ...-shop_npm8_node16_windows-latest.snap.json | 125 +++++---- ...ce-shop_npm9_node16_macos-latest.snap.json | 125 +++++---- ...e-shop_npm9_node16_ubuntu-latest.snap.json | 125 +++++---- ...-shop_npm9_node16_windows-latest.snap.json | 125 +++++---- ...encies_npm10_node18_macos-latest.snap.json | 125 +++++---- ...ncies_npm10_node18_ubuntu-latest.snap.json | 125 +++++---- ...cies_npm10_node18_windows-latest.snap.json | 125 +++++---- ...cies_npm10_node22_windows-latest.snap.json | 125 +++++---- ...encies_npm11_node20_macos-latest.snap.json | 125 +++++---- ...ncies_npm11_node20_ubuntu-latest.snap.json | 125 +++++---- ...cies_npm11_node20_windows-latest.snap.json | 125 +++++---- ...cies_npm11_node22_windows-latest.snap.json | 125 +++++---- ...dencies_npm6_node14_macos-latest.snap.json | 125 +++++---- ...encies_npm6_node14_ubuntu-latest.snap.json | 129 +++++---- ...ncies_npm6_node14_windows-latest.snap.json | 129 +++++---- ...dencies_npm6_node16_macos-latest.snap.json | 129 +++++---- ...ncies_npm6_node22_windows-latest.snap.json | 129 +++++---- ...dencies_npm7_node14_macos-latest.snap.json | 123 +++++---- ...encies_npm7_node14_ubuntu-latest.snap.json | 125 +++++---- ...ncies_npm7_node14_windows-latest.snap.json | 125 +++++---- ...dencies_npm7_node16_macos-latest.snap.json | 125 +++++---- ...ncies_npm7_node22_windows-latest.snap.json | 125 +++++---- ...dencies_npm8_node14_macos-latest.snap.json | 123 +++++---- ...encies_npm8_node14_ubuntu-latest.snap.json | 125 +++++---- ...ncies_npm8_node14_windows-latest.snap.json | 125 +++++---- ...dencies_npm8_node16_macos-latest.snap.json | 125 +++++---- ...ncies_npm8_node22_windows-latest.snap.json | 125 +++++---- ...dencies_npm9_node16_macos-latest.snap.json | 125 +++++---- ...encies_npm9_node16_ubuntu-latest.snap.json | 125 +++++---- ...ncies_npm9_node16_windows-latest.snap.json | 125 +++++---- ...ncies_npm9_node22_windows-latest.snap.json | 125 +++++---- ...spaces_npm10_node18_macos-latest.snap.json | 125 +++++---- ...paces_npm10_node18_ubuntu-latest.snap.json | 125 +++++---- ...aces_npm10_node18_windows-latest.snap.json | 125 +++++---- ...aces_npm10_node22_windows-latest.snap.json | 125 +++++---- ...spaces_npm11_node20_macos-latest.snap.json | 125 +++++---- ...paces_npm11_node20_ubuntu-latest.snap.json | 125 +++++---- ...aces_npm11_node20_windows-latest.snap.json | 125 +++++---- ...aces_npm11_node22_windows-latest.snap.json | 125 +++++---- ...kspaces_npm7_node14_macos-latest.snap.json | 123 +++++---- ...spaces_npm7_node14_ubuntu-latest.snap.json | 125 +++++---- ...paces_npm7_node14_windows-latest.snap.json | 125 +++++---- ...kspaces_npm7_node16_macos-latest.snap.json | 125 +++++---- ...paces_npm7_node22_windows-latest.snap.json | 125 +++++---- ...kspaces_npm8_node14_macos-latest.snap.json | 123 +++++---- ...spaces_npm8_node14_ubuntu-latest.snap.json | 125 +++++---- ...paces_npm8_node14_windows-latest.snap.json | 125 +++++---- ...kspaces_npm8_node16_macos-latest.snap.json | 125 +++++---- ...paces_npm8_node22_windows-latest.snap.json | 125 +++++---- ...kspaces_npm9_node16_macos-latest.snap.json | 125 +++++---- ...spaces_npm9_node16_ubuntu-latest.snap.json | 125 +++++---- ...paces_npm9_node16_windows-latest.snap.json | 125 +++++---- ...paces_npm9_node22_windows-latest.snap.json | 125 +++++---- ...egrity_npm10_node18_macos-latest.snap.json | 123 +++++---- ...grity_npm10_node18_ubuntu-latest.snap.json | 123 +++++---- ...rity_npm10_node18_windows-latest.snap.json | 123 +++++---- ...egrity_npm11_node20_macos-latest.snap.json | 125 +++++---- ...grity_npm11_node20_ubuntu-latest.snap.json | 125 +++++---- ...rity_npm11_node20_windows-latest.snap.json | 125 +++++---- ...rity_npm11_node22_windows-latest.snap.json | 125 +++++---- ...tegrity_npm6_node14_macos-latest.snap.json | 123 +++++---- ...egrity_npm6_node14_ubuntu-latest.snap.json | 123 +++++---- ...grity_npm6_node14_windows-latest.snap.json | 123 +++++---- ...tegrity_npm7_node14_macos-latest.snap.json | 123 +++++---- ...egrity_npm7_node14_ubuntu-latest.snap.json | 123 +++++---- ...grity_npm7_node14_windows-latest.snap.json | 123 +++++---- ...tegrity_npm8_node14_macos-latest.snap.json | 123 +++++---- ...egrity_npm8_node14_ubuntu-latest.snap.json | 123 +++++---- ...grity_npm8_node14_windows-latest.snap.json | 123 +++++---- ...tegrity_npm9_node16_macos-latest.snap.json | 123 +++++---- ...egrity_npm9_node16_ubuntu-latest.snap.json | 123 +++++---- ...grity_npm9_node16_windows-latest.snap.json | 123 +++++---- ...ild-id_npm10_node18_macos-latest.snap.json | 123 +++++---- ...ld-id_npm10_node18_ubuntu-latest.snap.json | 123 +++++---- ...d-id_npm10_node18_windows-latest.snap.json | 123 +++++---- ...ild-id_npm11_node20_macos-latest.snap.json | 125 +++++---- ...ld-id_npm11_node20_ubuntu-latest.snap.json | 125 +++++---- ...d-id_npm11_node20_windows-latest.snap.json | 125 +++++---- ...d-id_npm11_node22_windows-latest.snap.json | 125 +++++---- ...uild-id_npm6_node14_macos-latest.snap.json | 123 +++++---- ...ild-id_npm6_node14_ubuntu-latest.snap.json | 123 +++++---- ...ld-id_npm6_node14_windows-latest.snap.json | 123 +++++---- ...uild-id_npm7_node14_macos-latest.snap.json | 123 +++++---- ...ild-id_npm7_node14_ubuntu-latest.snap.json | 123 +++++---- ...ld-id_npm7_node14_windows-latest.snap.json | 123 +++++---- ...uild-id_npm8_node14_macos-latest.snap.json | 123 +++++---- ...ild-id_npm8_node14_ubuntu-latest.snap.json | 123 +++++---- ...ld-id_npm8_node14_windows-latest.snap.json | 123 +++++---- ...uild-id_npm9_node16_macos-latest.snap.json | 123 +++++---- ...ild-id_npm9_node16_ubuntu-latest.snap.json | 123 +++++---- ...ld-id_npm9_node16_windows-latest.snap.json | 123 +++++---- ...encies_npm10_node18_macos-latest.snap.json | 123 +++++---- ...ncies_npm10_node18_ubuntu-latest.snap.json | 123 +++++---- ...cies_npm10_node18_windows-latest.snap.json | 123 +++++---- ...encies_npm11_node20_macos-latest.snap.json | 125 +++++---- ...ncies_npm11_node20_ubuntu-latest.snap.json | 125 +++++---- ...cies_npm11_node20_windows-latest.snap.json | 125 +++++---- ...cies_npm11_node22_windows-latest.snap.json | 125 +++++---- ...e-shop_npm10_node18_macos-latest.snap.json | 125 +++++---- ...-shop_npm10_node18_ubuntu-latest.snap.json | 125 +++++---- ...shop_npm10_node18_windows-latest.snap.json | 125 +++++---- ...e-shop_npm11_node20_macos-latest.snap.json | 125 +++++---- ...-shop_npm11_node20_ubuntu-latest.snap.json | 125 +++++---- ...shop_npm11_node20_windows-latest.snap.json | 125 +++++---- ...encies_npm8_node14_ubuntu-latest.snap.json | 123 +++++---- .../bare/with-prepared.snap.json | 257 ++++++++++-------- .../bare/with-prepared.snap.xml | 234 ++++++++-------- .../flat/with-prepared.snap.json | 257 ++++++++++-------- .../flat/with-prepared.snap.xml | 234 ++++++++-------- .../with-licenses/with-prepared.snap.json | 257 ++++++++++-------- .../with-licenses/with-prepared.snap.xml | 234 ++++++++-------- tests/_helper/index.js | 70 ++++- 219 files changed, 16279 insertions(+), 11326 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index bfbf3b1e5..52e015ff0 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -7,9 +7,17 @@ All notable changes to this project will be documented in this file. * BREAKING changes - * Create dir for output file if not exist ([#1241] via [#1242]) + * Emit `.metadata.tools` as components ([#1233] via [#1235]) + This affects only CycloneDX spec-version 1.5 and later. + * Emitted `.purl` values might be partially url-encoded (via [#1235]) + This is cased by changes on underlying 3rd-party dependency `packageurl-js`. + * Create dir for output file if not exists ([#1241] via [#1242]) This is only a breaking change if you relied on non-existent result paths. +* Misc + * Raised dependency `@cyclonedx/cyclonedx-library@^7.0.0`, was `@^6.11.0` (via [#1235]) +[#1233]: https://github.com/CycloneDX/cyclonedx-node-npm/issues/1233 +[#1235]: https://github.com/CycloneDX/cyclonedx-node-npm/pull/1235 [#1241]: https://github.com/CycloneDX/cyclonedx-node-npm/issues/1241 [#1242]: https://github.com/CycloneDX/cyclonedx-node-npm/pull/1242 @@ -73,7 +81,7 @@ All notable changes to this project will be documented in this file. * Added * Licenses acknowledgement might be populated ([#1171] via [#1183]) -* Misc +* Dependencies * Raised dependency `@cyclonedx/cyclonedx-library@^6.6.0`, was `@^6.5.0` (via [#1183]) [#1171]: https://github.com/CycloneDX/cyclonedx-node-npm/issues/1171 @@ -265,7 +273,7 @@ Details They should be marked as expression, now. * Added * Added detection for package integrity with SHA-1 ([#699] via [#735]) -* Misc +* Dependencies * Raised dependency `@cyclonedx/cyclonedx-library@^2.0.0`, was `@^1.14.0` (via [#726]) [#699]: https://github.com/CycloneDX/cyclonedx-node-npm/issues/699 diff --git a/package.json b/package.json index dc0f2784b..3654fb095 100644 --- a/package.json +++ b/package.json @@ -47,7 +47,7 @@ } ], "dependencies": { - "@cyclonedx/cyclonedx-library": "^6.11.0", + "@cyclonedx/cyclonedx-library": "^7.0.0", "commander": "^10.0.0", "normalize-package-data": "^3||^4||^5||^6", "xmlbuilder2": "^3.0.2" diff --git a/src/builders.ts b/src/builders.ts index 715d84231..241b3c9ee 100644 --- a/src/builders.ts +++ b/src/builders.ts @@ -51,7 +51,6 @@ type cPath = string type AllComponents = Map export class BomBuilder { - toolBuilder: Builders.FromNodePackageJson.ToolBuilder componentBuilder: Builders.FromNodePackageJson.ComponentBuilder treeBuilder: TreeBuilder purlFactory: Factories.FromNodePackageJson.PackageUrlFactory @@ -69,14 +68,12 @@ export class BomBuilder { console: Console constructor ( - toolBuilder: BomBuilder['toolBuilder'], componentBuilder: BomBuilder['componentBuilder'], treeBuilder: BomBuilder['treeBuilder'], purlFactory: BomBuilder['purlFactory'], options: BomBuilderOptions, console_: BomBuilder['console'] ) { - this.toolBuilder = toolBuilder this.componentBuilder = componentBuilder this.treeBuilder = treeBuilder this.purlFactory = purlFactory @@ -236,14 +233,14 @@ export class BomBuilder { bom.metadata.component = rootComponent - bom.metadata.tools.add(new Models.Tool({ - name: 'npm', - version: npmVersion // use the self-proclaimed `version` - // omit `vendor` and `externalReferences`, because we cannot be sure about the used tool's actual origin + bom.metadata.tools.components.add(new Models.Component( + Enums.ComponentType.Application, 'npm', { + version: npmVersion // use the self-proclaimed `version` + // omit `group` and `externalReferences`, because we cannot be sure about the used tool's actual origin // omit `hashes`, because unfortunately there is no agreed process of generating them - })) - for (const tool of this.makeTools()) { - bom.metadata.tools.add(tool) + })) + for (const toolC of this.makeToolCs()) { + bom.metadata.tools.components.add(toolC) } if (!this.reproducible) { @@ -608,8 +605,10 @@ export class BomBuilder { } } - private * makeTools (): Generator { - const packageJsonPaths = [path.resolve(module.path, '..', 'package.json')] + private * makeToolCs (): Generator { + const packageJsonPaths: Array<[string, Enums.ComponentType]> = [ + [path.resolve(module.path, '..', 'package.json'), Enums.ComponentType.Application] + ] const libs = [ '@cyclonedx/cyclonedx-library' @@ -621,19 +620,19 @@ export class BomBuilder { for (const nodeModulePath of nodeModulePaths) { const packageJsonPath = path.resolve(nodeModulePath, ...lib, 'package.json') if (existsSync(packageJsonPath)) { - packageJsonPaths.push(packageJsonPath) + packageJsonPaths.push([packageJsonPath, Enums.ComponentType.Library]) continue libsLoop } } } /* eslint-enable no-labels */ - for (const packageJsonPath of packageJsonPaths) { + for (const [packageJsonPath, cType] of packageJsonPaths) { const packageData: object = loadJsonFile(packageJsonPath) ?? {} normalizePackageData(packageData /* add debug for warnings? */) - const tool = this.toolBuilder.makeTool(packageData) - if (tool !== undefined) { - yield tool + const toolC = this.componentBuilder.makeComponent(packageData, cType) + if (toolC !== undefined) { + yield toolC } } } diff --git a/src/cli.ts b/src/cli.ts index 6673b3b87..a229fc625 100644 --- a/src/cli.ts +++ b/src/cli.ts @@ -238,13 +238,10 @@ export async function run (process: NodeJS.Process): Promise { throw new Error('missing evidence') } - const extRefFactory = new Factories.FromNodePackageJson.ExternalReferenceFactory() - myConsole.log('LOG | gathering BOM data ...') const bom = new BomBuilder( - new Builders.FromNodePackageJson.ToolBuilder(extRefFactory), new Builders.FromNodePackageJson.ComponentBuilder( - extRefFactory, + new Factories.FromNodePackageJson.ExternalReferenceFactory(), new Factories.LicenseFactory() ), new TreeBuilder(), diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_macos-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_ubuntu-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_windows-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node22_windows-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm10_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_macos-latest.snap.json index 80d807eea..190710d52 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-alternative-package-registry@0.0.0?vcs_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-node-npm.git#demo/alternative-package-registry/project", + "purl": "pkg:npm/demo-alternative-package-registry@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/alternative-package-registry/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -105,7 +128,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_ubuntu-latest.snap.json index 80d807eea..190710d52 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-alternative-package-registry@0.0.0?vcs_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-node-npm.git#demo/alternative-package-registry/project", + "purl": "pkg:npm/demo-alternative-package-registry@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/alternative-package-registry/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -105,7 +128,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_windows-latest.snap.json index 80d807eea..190710d52 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node20_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-alternative-package-registry@0.0.0?vcs_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-node-npm.git#demo/alternative-package-registry/project", + "purl": "pkg:npm/demo-alternative-package-registry@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/alternative-package-registry/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -105,7 +128,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node22_windows-latest.snap.json index 80d807eea..190710d52 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm11_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-alternative-package-registry@0.0.0?vcs_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-node-npm.git#demo/alternative-package-registry/project", + "purl": "pkg:npm/demo-alternative-package-registry@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/alternative-package-registry/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -105,7 +128,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node14_ubuntu-latest.snap.json index 1b4f497fe..a6bcdbc69 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -89,7 +112,7 @@ "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", "description": "A JavaScript and TypeScript library to make sure you **act first and think later**!", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node14_windows-latest.snap.json index 1b4f497fe..a6bcdbc69 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -89,7 +112,7 @@ "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", "description": "A JavaScript and TypeScript library to make sure you **act first and think later**!", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node16_macos-latest.snap.json index 1b4f497fe..a6bcdbc69 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -89,7 +112,7 @@ "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", "description": "A JavaScript and TypeScript library to make sure you **act first and think later**!", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node22_windows-latest.snap.json index 1b4f497fe..a6bcdbc69 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm6_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -89,7 +112,7 @@ "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", "description": "A JavaScript and TypeScript library to make sure you **act first and think later**!", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node14_ubuntu-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node14_windows-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node16_macos-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node22_windows-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm7_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node14_ubuntu-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node14_windows-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node16_macos-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node22_windows-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm8_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_macos-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_ubuntu-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_windows-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node22_windows-latest.snap.json index 985dab768..236d36101 100644 --- a/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/alternative-package-registry_npm9_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-alternative-package-registry", @@ -88,7 +111,7 @@ "group": "@jsr", "version": "0.1.3", "bom-ref": "@jsr/act__act@0.1.3", - "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A//npm.jsr.io/~/11/%40jsr/act__act/0.1.3.tgz", + "purl": "pkg:npm/%40jsr/act__act@0.1.3?download_url=https%3A%2F%2Fnpm.jsr.io%2F%7E%2F11%2F%40jsr%2Fact__act%2F0.1.3.tgz", "externalReferences": [ { "url": "https://npm.jsr.io/~/11/@jsr/act__act/0.1.3.tgz", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_macos-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_ubuntu-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_windows-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_macos-latest.snap.json index 3414e2410..4b4971cfa 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/bundled-dependencies/project", + "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/bundled-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_ubuntu-latest.snap.json index 3414e2410..4b4971cfa 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/bundled-dependencies/project", + "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/bundled-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_windows-latest.snap.json index 3414e2410..4b4971cfa 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node20_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/bundled-dependencies/project", + "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/bundled-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node22_windows-latest.snap.json index 3414e2410..4b4971cfa 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm11_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/bundled-dependencies/project", + "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/bundled-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_macos-latest.snap.json index d20f54fb1..3eb2f71cc 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_ubuntu-latest.snap.json index d20f54fb1..3eb2f71cc 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_windows-latest.snap.json index d20f54fb1..3eb2f71cc 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm6_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_macos-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_ubuntu-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_windows-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm7_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_macos-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_ubuntu-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_windows-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm8_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_macos-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_ubuntu-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_windows-latest.snap.json index b8e634f04..dca4e6e74 100644 --- a/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/bundled-dependencies_npm9_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_macos-latest.snap.json index c2b4a4ddd..7cdc690a9 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_ubuntu-latest.snap.json index c2b4a4ddd..7cdc690a9 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_windows-latest.snap.json index c2b4a4ddd..7cdc690a9 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node14_ubuntu-latest.snap.json index 94a381e40..1cb71dc91 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node16_macos-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node16_ubuntu-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node18_windows-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm7_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node14_ubuntu-latest.snap.json index 94a381e40..1cb71dc91 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node16_macos-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node16_ubuntu-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node20_windows-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm8_node20_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node16_macos-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node16_ubuntu-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node18_windows-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node22_windows-latest.snap.json index e17d2a08c..0895a514c 100644 --- a/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/deps-from-git_npm9_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-deps-from-git", @@ -88,7 +111,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.0.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23c887c803ac56deb5f91b617ef0486ca3fb98473b", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#c887c803ac56deb5f91b617ef0486ca3fb98473b", @@ -117,7 +140,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.1.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#e1a99f9871ca1cbd9b7f7b097c0e2aa8f1e79fe7", @@ -146,7 +169,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.2.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%23d66d36280dde484bcf73a5c2139961663e3ba954", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#d66d36280dde484bcf73a5c2139961663e3ba954", @@ -175,7 +198,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.3.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%237a914980f0508368df54ca193347cec6ffd16415", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#7a914980f0508368df54ca193347cec6ffd16415", @@ -204,7 +227,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.4.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%233367c1638662d57c53caff0824ee94cd7859bee2", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#3367c1638662d57c53caff0824ee94cd7859bee2", @@ -233,7 +256,7 @@ } } ], - "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", + "purl": "pkg:npm/%40cyclonedx/cyclonedx-library@6.5.0?download_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-javascript-library.git%234cea42bf5ec78f17b86dcd308022b6d52e9a98f0", "externalReferences": [ { "url": "git+ssh://git@github.com/CycloneDX/cyclonedx-javascript-library.git#4cea42bf5ec78f17b86dcd308022b6d52e9a98f0", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_macos-latest.snap.json index 4166507dc..cd21dc9d2 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_ubuntu-latest.snap.json index 4166507dc..cd21dc9d2 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_windows-latest.snap.json index 4166507dc..cd21dc9d2 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_macos-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_ubuntu-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_windows-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm10_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_macos-latest.snap.json index 748cacf64..0f1a312b0 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-dev-dependencies@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/dev-dependencies/project", + "purl": "pkg:npm/demo-dev-dependencies@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/dev-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_ubuntu-latest.snap.json index 748cacf64..0f1a312b0 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-dev-dependencies@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/dev-dependencies/project", + "purl": "pkg:npm/demo-dev-dependencies@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/dev-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_windows-latest.snap.json index 748cacf64..0f1a312b0 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node20_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-dev-dependencies@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/dev-dependencies/project", + "purl": "pkg:npm/demo-dev-dependencies@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/dev-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node22_windows-latest.snap.json index 748cacf64..0f1a312b0 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm11_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-dev-dependencies@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/dev-dependencies/project", + "purl": "pkg:npm/demo-dev-dependencies@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/dev-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_macos-latest.snap.json index 30a62076e..251a2ac93 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_ubuntu-latest.snap.json index 30a62076e..251a2ac93 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_windows-latest.snap.json index 30a62076e..251a2ac93 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_macos-latest.snap.json index e020db511..fc5717080 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_ubuntu-latest.snap.json index e020db511..fc5717080 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_windows-latest.snap.json index e020db511..fc5717080 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm6_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_macos-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_ubuntu-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_windows-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_macos-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_ubuntu-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_windows-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm7_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_macos-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_ubuntu-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_windows-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_macos-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_ubuntu-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_windows-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm8_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_macos-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_ubuntu-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_windows-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_macos-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_ubuntu-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_windows-latest.snap.json index bcfa7510d..cebcba066 100644 --- a/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/dev-dependencies_npm9_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_macos-latest.snap.json index 6841bab7c..b656b6b77 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_ubuntu-latest.snap.json index 834637dbe..c7cee1cd2 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_windows-latest.snap.json index 834637dbe..c7cee1cd2 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_macos-latest.snap.json index 77061bb11..4ab1060a2 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_ubuntu-latest.snap.json index f1a448a15..02dac9818 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_windows-latest.snap.json index f1a448a15..02dac9818 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm11_node20_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_macos-latest.snap.json index 931d70d14..1f57637a2 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_ubuntu-latest.snap.json index e37be86d9..a3b7d96dc 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_windows-latest.snap.json index e37be86d9..a3b7d96dc 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm7_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_macos-latest.snap.json index 931d70d14..1f57637a2 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_ubuntu-latest.snap.json index e37be86d9..a3b7d96dc 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_windows-latest.snap.json index e37be86d9..a3b7d96dc 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm8_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_macos-latest.snap.json index 931d70d14..1f57637a2 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_ubuntu-latest.snap.json index e37be86d9..a3b7d96dc 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_windows-latest.snap.json index e37be86d9..a3b7d96dc 100644 --- a/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/juice-shop_npm9_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_macos-latest.snap.json index 2b70b939a..68dfb7554 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_ubuntu-latest.snap.json index 2b70b939a..68dfb7554 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_windows-latest.snap.json index 2b70b939a..68dfb7554 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_windows-latest.snap.json index 2b70b939a..68dfb7554 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm10_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_macos-latest.snap.json index 2b70b939a..68dfb7554 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_ubuntu-latest.snap.json index 2b70b939a..68dfb7554 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_windows-latest.snap.json index 2b70b939a..68dfb7554 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node20_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node22_windows-latest.snap.json index 2b70b939a..68dfb7554 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm11_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_macos-latest.snap.json index 1f522596a..438becdb7 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -96,7 +119,7 @@ } } ], - "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_ubuntu-latest.snap.json index d82e79d89..9b7ac75ec 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -113,7 +136,7 @@ } } ], - "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -156,7 +179,7 @@ } } ], - "purl": "pkg:npm/my-local-b-off@0.0.0?vcs_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project/packages/my-local-b", + "purl": "pkg:npm/my-local-b-off@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project/packages/my-local-b", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_windows-latest.snap.json index d82e79d89..9b7ac75ec 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -113,7 +136,7 @@ } } ], - "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -156,7 +179,7 @@ } } ], - "purl": "pkg:npm/my-local-b-off@0.0.0?vcs_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project/packages/my-local-b", + "purl": "pkg:npm/my-local-b-off@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project/packages/my-local-b", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node16_macos-latest.snap.json index d82e79d89..9b7ac75ec 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -113,7 +136,7 @@ } } ], - "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -156,7 +179,7 @@ } } ], - "purl": "pkg:npm/my-local-b-off@0.0.0?vcs_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project/packages/my-local-b", + "purl": "pkg:npm/my-local-b-off@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project/packages/my-local-b", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_windows-latest.snap.json index d82e79d89..9b7ac75ec 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm6_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -113,7 +136,7 @@ } } ], - "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", + "purl": "pkg:npm/my-local-a@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-deps/project/packages/my-local-a", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", @@ -156,7 +179,7 @@ } } ], - "purl": "pkg:npm/my-local-b-off@0.0.0?vcs_url=git%2Bssh%3A//git%40github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project/packages/my-local-b", + "purl": "pkg:npm/my-local-b-off@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project/packages/my-local-b", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_macos-latest.snap.json index d48eb1d17..70c8940f0 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_ubuntu-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_windows-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node16_macos-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_windows-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm7_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_macos-latest.snap.json index d48eb1d17..70c8940f0 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_ubuntu-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_windows-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node16_macos-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_windows-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm8_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_macos-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_ubuntu-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_windows-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_windows-latest.snap.json index 98ba30079..54ea1ddba 100644 --- a/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-dependencies_npm9_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-local-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/local-dependencies/project", + "purl": "pkg:npm/demo-local-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/local-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_macos-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_ubuntu-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm10_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_macos-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_ubuntu-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node20_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node22_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm11_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_macos-latest.snap.json index ba6ae4823..0afa18d63 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_ubuntu-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node16_macos-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm7_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_macos-latest.snap.json index ba6ae4823..0afa18d63 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_ubuntu-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node16_macos-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm8_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_macos-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_ubuntu-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_windows-latest.snap.json index 584ae3395..54627b88c 100644 --- a/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/local-workspaces_npm9_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-workspaces", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A//git%40gitlab.example.com/my-packages/demo-workspaces.git", + "purl": "pkg:npm/demo-workspaces@0.0.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40gitlab.example.com%2Fmy-packages%2Fdemo-workspaces.git", "externalReferences": [ { "url": "git+ssh://git@gitlab.example.com/my-packages/demo-workspaces.git", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_macos-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_ubuntu-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_windows-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_macos-latest.snap.json index a8aef1ce9..b9683a177 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_macos-latest.snap.json @@ -4,62 +4,85 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", "bom-ref": "-/demo-package-integrity@-", "description": "demo: package-integrity -- packages with different integrity information.", - "purl": "pkg:npm/demo-package-integrity?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git", + "purl": "pkg:npm/demo-package-integrity?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_ubuntu-latest.snap.json index a8aef1ce9..b9683a177 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_ubuntu-latest.snap.json @@ -4,62 +4,85 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", "bom-ref": "-/demo-package-integrity@-", "description": "demo: package-integrity -- packages with different integrity information.", - "purl": "pkg:npm/demo-package-integrity?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git", + "purl": "pkg:npm/demo-package-integrity?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_windows-latest.snap.json index a8aef1ce9..b9683a177 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node20_windows-latest.snap.json @@ -4,62 +4,85 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", "bom-ref": "-/demo-package-integrity@-", "description": "demo: package-integrity -- packages with different integrity information.", - "purl": "pkg:npm/demo-package-integrity?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git", + "purl": "pkg:npm/demo-package-integrity?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node22_windows-latest.snap.json index a8aef1ce9..b9683a177 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm11_node22_windows-latest.snap.json @@ -4,62 +4,85 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", "bom-ref": "-/demo-package-integrity@-", "description": "demo: package-integrity -- packages with different integrity information.", - "purl": "pkg:npm/demo-package-integrity?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git", + "purl": "pkg:npm/demo-package-integrity?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_macos-latest.snap.json index 49cd0bcba..cb81c92ca 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_ubuntu-latest.snap.json index 49cd0bcba..cb81c92ca 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_windows-latest.snap.json index 49cd0bcba..cb81c92ca 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm6_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_macos-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_ubuntu-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_windows-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm7_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_macos-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_ubuntu-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_windows-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm8_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_macos-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_ubuntu-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_windows-latest.snap.json index 1e95034ff..1b7cb82d0 100644 --- a/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-integrity_npm9_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-integrity", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_macos-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_ubuntu-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_windows-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_macos-latest.snap.json index ba6cd9945..3b274512c 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_macos-latest.snap.json @@ -4,63 +4,86 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", "version": "1.0.0-123+456", "bom-ref": "demo-package-with-build-id@1.0.0-123+456", "description": "demo: package-with-build-id -- show how buildID in the version looks like", - "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456?vcs_url=git%2Bhttps%3A//gist.github.com/44e29a0bc4a002ec3413d9f5c2c1962f.git", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456?vcs_url=git%2Bhttps%3A%2F%2Fgist.github.com%2F44e29a0bc4a002ec3413d9f5c2c1962f.git", "externalReferences": [ { "url": "https://gist.github.com/44e29a0bc4a002ec3413d9f5c2c1962f", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_ubuntu-latest.snap.json index ba6cd9945..3b274512c 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_ubuntu-latest.snap.json @@ -4,63 +4,86 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", "version": "1.0.0-123+456", "bom-ref": "demo-package-with-build-id@1.0.0-123+456", "description": "demo: package-with-build-id -- show how buildID in the version looks like", - "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456?vcs_url=git%2Bhttps%3A//gist.github.com/44e29a0bc4a002ec3413d9f5c2c1962f.git", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456?vcs_url=git%2Bhttps%3A%2F%2Fgist.github.com%2F44e29a0bc4a002ec3413d9f5c2c1962f.git", "externalReferences": [ { "url": "https://gist.github.com/44e29a0bc4a002ec3413d9f5c2c1962f", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_windows-latest.snap.json index ba6cd9945..3b274512c 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node20_windows-latest.snap.json @@ -4,63 +4,86 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", "version": "1.0.0-123+456", "bom-ref": "demo-package-with-build-id@1.0.0-123+456", "description": "demo: package-with-build-id -- show how buildID in the version looks like", - "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456?vcs_url=git%2Bhttps%3A//gist.github.com/44e29a0bc4a002ec3413d9f5c2c1962f.git", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456?vcs_url=git%2Bhttps%3A%2F%2Fgist.github.com%2F44e29a0bc4a002ec3413d9f5c2c1962f.git", "externalReferences": [ { "url": "https://gist.github.com/44e29a0bc4a002ec3413d9f5c2c1962f", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node22_windows-latest.snap.json index ba6cd9945..3b274512c 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm11_node22_windows-latest.snap.json @@ -4,63 +4,86 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", "version": "1.0.0-123+456", "bom-ref": "demo-package-with-build-id@1.0.0-123+456", "description": "demo: package-with-build-id -- show how buildID in the version looks like", - "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456?vcs_url=git%2Bhttps%3A//gist.github.com/44e29a0bc4a002ec3413d9f5c2c1962f.git", + "purl": "pkg:npm/demo-package-with-build-id@1.0.0-123+456?vcs_url=git%2Bhttps%3A%2F%2Fgist.github.com%2F44e29a0bc4a002ec3413d9f5c2c1962f.git", "externalReferences": [ { "url": "https://gist.github.com/44e29a0bc4a002ec3413d9f5c2c1962f", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_macos-latest.snap.json index baa487a64..37306498f 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_ubuntu-latest.snap.json index baa487a64..37306498f 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_windows-latest.snap.json index baa487a64..37306498f 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm6_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_macos-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_ubuntu-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_windows-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm7_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_macos-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_ubuntu-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_windows-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm8_node14_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_macos-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_macos-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_ubuntu-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_windows-latest.snap.json b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_windows-latest.snap.json index 6e34ac078..2da9f8161 100644 --- a/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/bare/package-with-build-id_npm9_node16_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-package-with-build-id", diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_macos-latest.snap.json index 2c552f067..d481f7058 100644 --- a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_ubuntu-latest.snap.json index 2c552f067..d481f7058 100644 --- a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_windows-latest.snap.json index 2c552f067..d481f7058 100644 --- a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_macos-latest.snap.json index 44fd81026..d57f6c707 100644 --- a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/bundled-dependencies/project", + "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/bundled-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_ubuntu-latest.snap.json index 44fd81026..d57f6c707 100644 --- a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/bundled-dependencies/project", + "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/bundled-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_windows-latest.snap.json index 44fd81026..d57f6c707 100644 --- a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node20_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/bundled-dependencies/project", + "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/bundled-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node22_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node22_windows-latest.snap.json index 44fd81026..d57f6c707 100644 --- a/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node22_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/bundled-dependencies_npm11_node22_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-bundled-deps", @@ -68,7 +91,7 @@ } } ], - "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A//github.com/CycloneDX/cyclonedx-node-npm.git#demo/bundled-dependencies/project", + "purl": "pkg:npm/demo-bundled-deps@0.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2FCycloneDX%2Fcyclonedx-node-npm.git#demo/bundled-dependencies/project", "externalReferences": [ { "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", diff --git a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_macos-latest.snap.json index 2a7fca430..f3f2ee797 100644 --- a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_ubuntu-latest.snap.json index 709891be3..5f35b8f05 100644 --- a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_windows-latest.snap.json index 709891be3..5f35b8f05 100644 --- a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm10_node18_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_macos-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_macos-latest.snap.json index 1aa91ac67..0f622ab6b 100644 --- a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_macos-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_macos-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_ubuntu-latest.snap.json index faf28e401..9372901f8 100644 --- a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_windows-latest.snap.json b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_windows-latest.snap.json index faf28e401..9372901f8 100644 --- a/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_windows-latest.snap.json +++ b/tests/_data/sbom_demo-results/flatten-components/juice-shop_npm11_node20_windows-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "juice-shop", @@ -69,7 +92,7 @@ } } ], - "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A//github.com/juice-shop/juice-shop.git", + "purl": "pkg:npm/juice-shop@14.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjuice-shop%2Fjuice-shop.git", "externalReferences": [ { "url": "https://github.com/juice-shop/juice-shop/issues", diff --git a/tests/_data/sbom_demo-results/suppressed-error-on-non-zero-exit/dev-dependencies_npm8_node14_ubuntu-latest.snap.json b/tests/_data/sbom_demo-results/suppressed-error-on-non-zero-exit/dev-dependencies_npm8_node14_ubuntu-latest.snap.json index a84f52d86..5845153a4 100644 --- a/tests/_data/sbom_demo-results/suppressed-error-on-non-zero-exit/dev-dependencies_npm8_node14_ubuntu-latest.snap.json +++ b/tests/_data/sbom_demo-results/suppressed-error-on-non-zero-exit/dev-dependencies_npm8_node14_ubuntu-latest.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "demo-dev-dependencies", diff --git a/tests/_data/sbom_dummy-results/bare/with-prepared.snap.json b/tests/_data/sbom_dummy-results/bare/with-prepared.snap.json index 809a6eba9..9da3e621e 100644 --- a/tests/_data/sbom_dummy-results/bare/with-prepared.snap.json +++ b/tests/_data/sbom_dummy-results/bare/with-prepared.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "with-prepared", @@ -319,7 +342,7 @@ } } ], - "purl": "pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A//github.com/oozcitak/infra.git", + "purl": "pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Foozcitak%2Finfra.git", "externalReferences": [ { "url": "http://github.com/oozcitak/infra/issues", @@ -406,7 +429,7 @@ } } ], - "purl": "pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A//github.com/oozcitak/util.git", + "purl": "pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A%2F%2Fgithub.com%2Foozcitak%2Futil.git", "externalReferences": [ { "url": "http://github.com/oozcitak/util/issues", @@ -806,7 +829,7 @@ } } ], - "purl": "pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A//github.com/ajv-validator/ajv.git", + "purl": "pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fajv-validator%2Fajv.git", "externalReferences": [ { "url": "https://github.com/ajv-validator/ajv/issues", @@ -1251,7 +1274,7 @@ } } ], - "purl": "pkg:npm/buffer@5.7.1?vcs_url=git%3A//github.com/feross/buffer.git", + "purl": "pkg:npm/buffer@5.7.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fbuffer.git", "externalReferences": [ { "url": "https://github.com/feross/buffer/issues", @@ -1383,7 +1406,7 @@ } } ], - "purl": "pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ansi-regex.git", + "purl": "pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fansi-regex.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/ansi-regex/issues", @@ -1423,7 +1446,7 @@ } } ], - "purl": "pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/builtin-modules.git", + "purl": "pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fbuiltin-modules.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/builtin-modules/issues", @@ -1463,7 +1486,7 @@ } } ], - "purl": "pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/camelcase.git", + "purl": "pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcamelcase.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/camelcase/issues", @@ -1503,7 +1526,7 @@ } } ], - "purl": "pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/cliui.git", + "purl": "pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fcliui.git", "externalReferences": [ { "url": "https://github.com/bcoe/cliui/issues", @@ -1543,7 +1566,7 @@ } } ], - "purl": "pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/code-point-at.git", + "purl": "pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcode-point-at.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/code-point-at/issues", @@ -1583,7 +1606,7 @@ } } ], - "purl": "pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/decamelize.git", + "purl": "pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fdecamelize.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/decamelize/issues", @@ -1622,7 +1645,7 @@ } } ], - "purl": "pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A//github.com/qix-/node-error-ex.git", + "purl": "pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-error-ex.git", "externalReferences": [ { "url": "https://github.com/qix-/node-error-ex/issues", @@ -1662,7 +1685,7 @@ } } ], - "purl": "pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/escape-string-regexp.git", + "purl": "pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fescape-string-regexp.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/escape-string-regexp/issues", @@ -1702,7 +1725,7 @@ } } ], - "purl": "pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/find-up.git", + "purl": "pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Ffind-up.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/find-up/issues", @@ -1741,7 +1764,7 @@ } } ], - "purl": "pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git", + "purl": "pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-graceful-fs.git", "externalReferences": [ { "url": "https://github.com/isaacs/node-graceful-fs/issues", @@ -1781,7 +1804,7 @@ } } ], - "purl": "pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git", + "purl": "pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fhosted-git-info.git", "externalReferences": [ { "url": "https://github.com/npm/hosted-git-info/issues", @@ -1821,7 +1844,7 @@ } } ], - "purl": "pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/invert-kv.git", + "purl": "pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Finvert-kv.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/invert-kv/issues", @@ -1861,7 +1884,7 @@ } } ], - "purl": "pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A//github.com/qix-/node-is-arrayish.git", + "purl": "pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-is-arrayish.git", "externalReferences": [ { "url": "https://github.com/qix-/node-is-arrayish/issues", @@ -1901,7 +1924,7 @@ } } ], - "purl": "pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-builtin-module.git", + "purl": "pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-builtin-module.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/is-builtin-module/issues", @@ -1941,7 +1964,7 @@ } } ], - "purl": "pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git", + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-fullwidth-code-point.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", @@ -1981,7 +2004,7 @@ } } ], - "purl": "pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A//github.com/wayfind/is-utf8.git", + "purl": "pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fwayfind%2Fis-utf8.git", "externalReferences": [ { "url": "https://github.com/wayfind/is-utf8/issues", @@ -2021,7 +2044,7 @@ } } ], - "purl": "pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/lcid.git", + "purl": "pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Flcid.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/lcid/issues", @@ -2061,7 +2084,7 @@ } } ], - "purl": "pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/load-json-file.git", + "purl": "pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fload-json-file.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/load-json-file/issues", @@ -2101,7 +2124,7 @@ } } ], - "purl": "pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git", + "purl": "pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git", "externalReferences": [ { "url": "https://github.com/lodash/lodash/issues", @@ -2141,7 +2164,7 @@ } } ], - "purl": "pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git", + "purl": "pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git", "externalReferences": [ { "url": "https://github.com/lodash/lodash/issues", @@ -2181,7 +2204,7 @@ } } ], - "purl": "pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git", + "purl": "pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git", "externalReferences": [ { "url": "https://github.com/lodash/lodash/issues", @@ -2221,7 +2244,7 @@ } } ], - "purl": "pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A//github.com/npm/normalize-package-data.git", + "purl": "pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A%2F%2Fgithub.com%2Fnpm%2Fnormalize-package-data.git", "externalReferences": [ { "url": "https://github.com/npm/normalize-package-data/issues", @@ -2261,7 +2284,7 @@ } } ], - "purl": "pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/number-is-nan.git", + "purl": "pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fnumber-is-nan.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/number-is-nan/issues", @@ -2301,7 +2324,7 @@ } } ], - "purl": "pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/object-assign.git", + "purl": "pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fobject-assign.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/object-assign/issues", @@ -2341,7 +2364,7 @@ } } ], - "purl": "pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/os-locale.git", + "purl": "pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fos-locale.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/os-locale/issues", @@ -2381,7 +2404,7 @@ } } ], - "purl": "pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/parse-json.git", + "purl": "pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fparse-json.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/parse-json/issues", @@ -2421,7 +2444,7 @@ } } ], - "purl": "pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-exists.git", + "purl": "pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-exists.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/path-exists/issues", @@ -2461,7 +2484,7 @@ } } ], - "purl": "pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-type.git", + "purl": "pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-type.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/path-type/issues", @@ -2501,7 +2524,7 @@ } } ], - "purl": "pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pify.git", + "purl": "pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpify.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/pify/issues", @@ -2541,7 +2564,7 @@ } } ], - "purl": "pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie-promise.git", + "purl": "pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie-promise.git", "externalReferences": [ { "url": "https://github.com/floatdrop/pinkie-promise/issues", @@ -2581,7 +2604,7 @@ } } ], - "purl": "pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie.git", + "purl": "pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie.git", "externalReferences": [ { "url": "https://github.com/floatdrop/pinkie/issues", @@ -2621,7 +2644,7 @@ } } ], - "purl": "pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pkg-conf.git", + "purl": "pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpkg-conf.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/pkg-conf/issues", @@ -2661,7 +2684,7 @@ } } ], - "purl": "pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg-up.git", + "purl": "pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg-up.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/read-pkg-up/issues", @@ -2701,7 +2724,7 @@ } } ], - "purl": "pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg.git", + "purl": "pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/read-pkg/issues", @@ -2741,7 +2764,7 @@ } } ], - "purl": "pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A//git%40github.com/yargs/require-main-filename.git", + "purl": "pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Frequire-main-filename.git", "externalReferences": [ { "url": "https://github.com/yargs/require-main-filename/issues", @@ -2780,7 +2803,7 @@ } } ], - "purl": "pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "purl": "pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git", "externalReferences": [ { "url": "https://github.com/npm/node-semver/issues", @@ -2820,7 +2843,7 @@ } } ], - "purl": "pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-correct.js.git", + "purl": "pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-correct.js.git", "externalReferences": [ { "url": "https://github.com/kemitchell/spdx-correct.js/issues", @@ -2860,7 +2883,7 @@ } } ], - "purl": "pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git", + "purl": "pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-exceptions.json.git", "externalReferences": [ { "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", @@ -2898,7 +2921,7 @@ "acknowledgement": "declared" } ], - "purl": "pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-expression-parse.js.git", + "purl": "pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-expression-parse.js.git", "externalReferences": [ { "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues", @@ -2938,7 +2961,7 @@ } } ], - "purl": "pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A//github.com/shinnn/spdx-license-ids.git", + "purl": "pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fshinnn%2Fspdx-license-ids.git", "externalReferences": [ { "url": "https://github.com/shinnn/spdx-license-ids/issues", @@ -2978,7 +3001,7 @@ } } ], - "purl": "pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "purl": "pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstring-width.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/string-width/issues", @@ -3018,7 +3041,7 @@ } } ], - "purl": "pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "purl": "pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/strip-ansi/issues", @@ -3058,7 +3081,7 @@ } } ], - "purl": "pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/strip-bom.git", + "purl": "pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstrip-bom.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/strip-bom/issues", @@ -3098,7 +3121,7 @@ } } ], - "purl": "pkg:npm/symbol@0.2.1?vcs_url=git%3A//github.com/seanmonstar/symbol.git", + "purl": "pkg:npm/symbol@0.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Fseanmonstar%2Fsymbol.git", "externalReferences": [ { "url": "https://github.com/seanmonstar/symbol/issues", @@ -3138,7 +3161,7 @@ } } ], - "purl": "pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git", + "purl": "pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fvalidate-npm-package-license.js.git", "externalReferences": [ { "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", @@ -3178,7 +3201,7 @@ } } ], - "purl": "pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A//github.com/jonschlinkert/window-size.git", + "purl": "pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjonschlinkert%2Fwindow-size.git", "externalReferences": [ { "url": "https://github.com/jonschlinkert/window-size/issues", @@ -3218,7 +3241,7 @@ } } ], - "purl": "pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "purl": "pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fwrap-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/wrap-ansi/issues", @@ -3258,7 +3281,7 @@ } } ], - "purl": "pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/y18n.git", + "purl": "pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fy18n.git", "externalReferences": [ { "url": "https://github.com/bcoe/y18n/issues", @@ -3298,7 +3321,7 @@ } } ], - "purl": "pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A//git%40github.com/yargs/yargs-parser.git", + "purl": "pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Fyargs-parser.git", "externalReferences": [ { "url": "https://github.com/yargs/yargs-parser/issues", @@ -3337,7 +3360,7 @@ } } ], - "purl": "pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/yargs.git", + "purl": "pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fyargs.git", "externalReferences": [ { "url": "https://github.com/bcoe/yargs/issues", @@ -5229,7 +5252,7 @@ } } ], - "purl": "pkg:npm/inherits@2.0.4?vcs_url=git%3A//github.com/isaacs/inherits.git", + "purl": "pkg:npm/inherits@2.0.4?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Finherits.git", "externalReferences": [ { "url": "https://github.com/isaacs/inherits/issues", @@ -6034,7 +6057,7 @@ } } ], - "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git", + "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminipass-flush.git", "externalReferences": [ { "url": "https://github.com/isaacs/minipass-flush/issues", @@ -6328,7 +6351,7 @@ } } ], - "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git", + "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminizlib.git", "externalReferences": [ { "url": "https://github.com/isaacs/minizlib/issues", @@ -6906,7 +6929,7 @@ } } ], - "purl": "pkg:npm/once@1.4.0?vcs_url=git%3A//github.com/isaacs/once.git", + "purl": "pkg:npm/once@1.4.0?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Fonce.git", "externalReferences": [ { "url": "https://github.com/isaacs/once/issues", @@ -7216,7 +7239,7 @@ } } ], - "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fproc-log.git", "externalReferences": [ { "url": "https://github.com/npm/proc-log/issues", @@ -7523,7 +7546,7 @@ } } ], - "purl": "pkg:npm/readable-stream@3.6.2?vcs_url=git%3A//github.com/nodejs/readable-stream.git", + "purl": "pkg:npm/readable-stream@3.6.2?vcs_url=git%3A%2F%2Fgithub.com%2Fnodejs%2Freadable-stream.git", "externalReferences": [ { "url": "https://github.com/nodejs/readable-stream/issues", @@ -7698,7 +7721,7 @@ } } ], - "purl": "pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A//github.com/feross/safe-buffer.git", + "purl": "pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fsafe-buffer.git", "externalReferences": [ { "url": "https://github.com/feross/safe-buffer/issues", @@ -7828,7 +7851,7 @@ } } ], - "purl": "pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "purl": "pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git", "externalReferences": [ { "url": "https://github.com/npm/node-semver/issues", @@ -8453,7 +8476,7 @@ } } ], - "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git", + "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fssri.git", "externalReferences": [ { "url": "https://github.com/npm/ssri/issues", @@ -8856,7 +8879,7 @@ } } ], - "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/strip-ansi/issues", @@ -9078,7 +9101,7 @@ } } ], - "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git", + "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-tar.git", "externalReferences": [ { "url": "https://github.com/isaacs/node-tar/issues", @@ -9884,7 +9907,7 @@ } } ], - "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/strip-ansi/issues", @@ -10061,7 +10084,7 @@ } } ], - "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git", + "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fyallist.git", "externalReferences": [ { "url": "https://github.com/isaacs/yallist/issues", diff --git a/tests/_data/sbom_dummy-results/bare/with-prepared.snap.xml b/tests/_data/sbom_dummy-results/bare/with-prepared.snap.xml index 729261a56..b565c3fcc 100644 --- a/tests/_data/sbom_dummy-results/bare/with-prepared.snap.xml +++ b/tests/_data/sbom_dummy-results/bare/with-prepared.snap.xml @@ -2,48 +2,64 @@ - - npm - npmVersion-testing - - - @cyclonedx - cyclonedx-library - libVersion-testing - - - https://github.com/CycloneDX/cyclonedx-javascript-library/issues - as detected from PackageJson property "bugs.url" - - - git+https://github.com/CycloneDX/cyclonedx-javascript-library.git - as detected from PackageJson property "repository.url" - - - https://github.com/CycloneDX/cyclonedx-javascript-library#readme - as detected from PackageJson property "homepage" - - - - - @cyclonedx - cyclonedx-npm - thisVersion-testing - - - https://github.com/CycloneDX/cyclonedx-node-npm/issues - as detected from PackageJson property "bugs.url" - - - git+https://github.com/CycloneDX/cyclonedx-node-npm.git - as detected from PackageJson property "repository.url" - - - https://github.com/CycloneDX/cyclonedx-node-npm#readme - as detected from PackageJson property "homepage" - - - + + + npm + npmVersion-testing + + + Jan Kowalleck + @cyclonedx + cyclonedx-library + 7.1.0 + Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser). + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-javascript-library/issues + as detected from PackageJson property "bugs.url" + + + git+https://github.com/CycloneDX/cyclonedx-javascript-library.git + as detected from PackageJson property "repository.url" + + + https://github.com/CycloneDX/cyclonedx-javascript-library#readme + as detected from PackageJson property "homepage" + + + + + Jan Kowalleck + @cyclonedx + cyclonedx-npm + thisVersion-testing + Create CycloneDX Software Bill of Materials (SBOM) from NPM projects. + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-node-npm/issues + as detected from PackageJson property "bugs.url" + + + git+https://github.com/CycloneDX/cyclonedx-node-npm.git + as detected from PackageJson property "repository.url" + + + https://github.com/CycloneDX/cyclonedx-node-npm#readme + as detected from PackageJson property "homepage" + + + + @dummy-projects @@ -237,7 +253,7 @@ MIT - pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A//github.com/oozcitak/infra.git + pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Foozcitak%2Finfra.git http://github.com/oozcitak/infra/issues @@ -301,7 +317,7 @@ MIT - pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A//github.com/oozcitak/util.git + pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A%2F%2Fgithub.com%2Foozcitak%2Futil.git http://github.com/oozcitak/util/issues @@ -594,7 +610,7 @@ MIT - pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A//github.com/ajv-validator/ajv.git + pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fajv-validator%2Fajv.git https://github.com/ajv-validator/ajv/issues @@ -920,7 +936,7 @@ MIT - pkg:npm/buffer@5.7.1?vcs_url=git%3A//github.com/feross/buffer.git + pkg:npm/buffer@5.7.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fbuffer.git https://github.com/feross/buffer/issues @@ -1017,7 +1033,7 @@ MIT - pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ansi-regex.git + pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fansi-regex.git https://github.com/sindresorhus/ansi-regex/issues @@ -1046,7 +1062,7 @@ MIT - pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/builtin-modules.git + pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fbuiltin-modules.git https://github.com/sindresorhus/builtin-modules/issues @@ -1075,7 +1091,7 @@ MIT - pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/camelcase.git + pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcamelcase.git https://github.com/sindresorhus/camelcase/issues @@ -1104,7 +1120,7 @@ ISC - pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/cliui.git + pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fcliui.git https://github.com/bcoe/cliui/issues @@ -1133,7 +1149,7 @@ MIT - pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/code-point-at.git + pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcode-point-at.git https://github.com/sindresorhus/code-point-at/issues @@ -1162,7 +1178,7 @@ MIT - pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/decamelize.git + pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fdecamelize.git https://github.com/sindresorhus/decamelize/issues @@ -1190,7 +1206,7 @@ MIT - pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A//github.com/qix-/node-error-ex.git + pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-error-ex.git https://github.com/qix-/node-error-ex/issues @@ -1219,7 +1235,7 @@ MIT - pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/escape-string-regexp.git + pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fescape-string-regexp.git https://github.com/sindresorhus/escape-string-regexp/issues @@ -1248,7 +1264,7 @@ MIT - pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/find-up.git + pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Ffind-up.git https://github.com/sindresorhus/find-up/issues @@ -1276,7 +1292,7 @@ ISC - pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git + pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-graceful-fs.git https://github.com/isaacs/node-graceful-fs/issues @@ -1305,7 +1321,7 @@ ISC - pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git + pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fhosted-git-info.git https://github.com/npm/hosted-git-info/issues @@ -1334,7 +1350,7 @@ MIT - pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/invert-kv.git + pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Finvert-kv.git https://github.com/sindresorhus/invert-kv/issues @@ -1363,7 +1379,7 @@ MIT - pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A//github.com/qix-/node-is-arrayish.git + pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-is-arrayish.git https://github.com/qix-/node-is-arrayish/issues @@ -1392,7 +1408,7 @@ MIT - pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-builtin-module.git + pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-builtin-module.git https://github.com/sindresorhus/is-builtin-module/issues @@ -1421,7 +1437,7 @@ MIT - pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git + pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-fullwidth-code-point.git https://github.com/sindresorhus/is-fullwidth-code-point/issues @@ -1450,7 +1466,7 @@ MIT - pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A//github.com/wayfind/is-utf8.git + pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fwayfind%2Fis-utf8.git https://github.com/wayfind/is-utf8/issues @@ -1479,7 +1495,7 @@ MIT - pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/lcid.git + pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Flcid.git https://github.com/sindresorhus/lcid/issues @@ -1508,7 +1524,7 @@ MIT - pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/load-json-file.git + pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fload-json-file.git https://github.com/sindresorhus/load-json-file/issues @@ -1537,7 +1553,7 @@ MIT - pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git + pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git https://github.com/lodash/lodash/issues @@ -1566,7 +1582,7 @@ MIT - pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git + pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git https://github.com/lodash/lodash/issues @@ -1595,7 +1611,7 @@ MIT - pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git + pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git https://github.com/lodash/lodash/issues @@ -1624,7 +1640,7 @@ BSD-2-Clause - pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A//github.com/npm/normalize-package-data.git + pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A%2F%2Fgithub.com%2Fnpm%2Fnormalize-package-data.git https://github.com/npm/normalize-package-data/issues @@ -1653,7 +1669,7 @@ MIT - pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/number-is-nan.git + pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fnumber-is-nan.git https://github.com/sindresorhus/number-is-nan/issues @@ -1682,7 +1698,7 @@ MIT - pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/object-assign.git + pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fobject-assign.git https://github.com/sindresorhus/object-assign/issues @@ -1711,7 +1727,7 @@ MIT - pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/os-locale.git + pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fos-locale.git https://github.com/sindresorhus/os-locale/issues @@ -1740,7 +1756,7 @@ MIT - pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/parse-json.git + pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fparse-json.git https://github.com/sindresorhus/parse-json/issues @@ -1769,7 +1785,7 @@ MIT - pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-exists.git + pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-exists.git https://github.com/sindresorhus/path-exists/issues @@ -1798,7 +1814,7 @@ MIT - pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-type.git + pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-type.git https://github.com/sindresorhus/path-type/issues @@ -1827,7 +1843,7 @@ MIT - pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pify.git + pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpify.git https://github.com/sindresorhus/pify/issues @@ -1856,7 +1872,7 @@ MIT - pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie-promise.git + pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie-promise.git https://github.com/floatdrop/pinkie-promise/issues @@ -1885,7 +1901,7 @@ MIT - pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie.git + pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie.git https://github.com/floatdrop/pinkie/issues @@ -1914,7 +1930,7 @@ MIT - pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pkg-conf.git + pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpkg-conf.git https://github.com/sindresorhus/pkg-conf/issues @@ -1943,7 +1959,7 @@ MIT - pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg-up.git + pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg-up.git https://github.com/sindresorhus/read-pkg-up/issues @@ -1972,7 +1988,7 @@ MIT - pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg.git + pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg.git https://github.com/sindresorhus/read-pkg/issues @@ -2001,7 +2017,7 @@ ISC - pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A//git%40github.com/yargs/require-main-filename.git + pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Frequire-main-filename.git https://github.com/yargs/require-main-filename/issues @@ -2029,7 +2045,7 @@ ISC - pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git + pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git https://github.com/npm/node-semver/issues @@ -2058,7 +2074,7 @@ Apache-2.0 - pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-correct.js.git + pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-correct.js.git https://github.com/kemitchell/spdx-correct.js/issues @@ -2087,7 +2103,7 @@ CC-BY-3.0 - pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git + pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-exceptions.json.git https://github.com/kemitchell/spdx-exceptions.json/issues @@ -2114,7 +2130,7 @@ (MIT AND CC-BY-3.0) - pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-expression-parse.js.git + pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-expression-parse.js.git https://github.com/kemitchell/spdx-expression-parse.js/issues @@ -2143,7 +2159,7 @@ Unlicense - pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A//github.com/shinnn/spdx-license-ids.git + pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fshinnn%2Fspdx-license-ids.git https://github.com/shinnn/spdx-license-ids/issues @@ -2172,7 +2188,7 @@ MIT - pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git + pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstring-width.git https://github.com/sindresorhus/string-width/issues @@ -2201,7 +2217,7 @@ MIT - pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git + pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git https://github.com/chalk/strip-ansi/issues @@ -2230,7 +2246,7 @@ MIT - pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/strip-bom.git + pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstrip-bom.git https://github.com/sindresorhus/strip-bom/issues @@ -2259,7 +2275,7 @@ MPLv2.0 - pkg:npm/symbol@0.2.1?vcs_url=git%3A//github.com/seanmonstar/symbol.git + pkg:npm/symbol@0.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Fseanmonstar%2Fsymbol.git https://github.com/seanmonstar/symbol/issues @@ -2288,7 +2304,7 @@ Apache-2.0 - pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git + pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fvalidate-npm-package-license.js.git https://github.com/kemitchell/validate-npm-package-license.js/issues @@ -2317,7 +2333,7 @@ MIT - pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A//github.com/jonschlinkert/window-size.git + pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjonschlinkert%2Fwindow-size.git https://github.com/jonschlinkert/window-size/issues @@ -2346,7 +2362,7 @@ MIT - pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git + pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fwrap-ansi.git https://github.com/chalk/wrap-ansi/issues @@ -2375,7 +2391,7 @@ ISC - pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/y18n.git + pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fy18n.git https://github.com/bcoe/y18n/issues @@ -2404,7 +2420,7 @@ ISC - pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A//git%40github.com/yargs/yargs-parser.git + pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Fyargs-parser.git https://github.com/yargs/yargs-parser/issues @@ -2432,7 +2448,7 @@ MIT - pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/yargs.git + pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fyargs.git https://github.com/bcoe/yargs/issues @@ -3818,7 +3834,7 @@ ISC - pkg:npm/inherits@2.0.4?vcs_url=git%3A//github.com/isaacs/inherits.git + pkg:npm/inherits@2.0.4?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Finherits.git https://github.com/isaacs/inherits/issues @@ -4408,7 +4424,7 @@ ISC - pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git + pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminipass-flush.git https://github.com/isaacs/minipass-flush/issues @@ -4623,7 +4639,7 @@ MIT - pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git + pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminizlib.git https://github.com/isaacs/minizlib/issues @@ -5046,7 +5062,7 @@ ISC - pkg:npm/once@1.4.0?vcs_url=git%3A//github.com/isaacs/once.git + pkg:npm/once@1.4.0?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Fonce.git https://github.com/isaacs/once/issues @@ -5273,7 +5289,7 @@ ISC - pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git + pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fproc-log.git https://github.com/npm/proc-log/issues @@ -5497,7 +5513,7 @@ MIT - pkg:npm/readable-stream@3.6.2?vcs_url=git%3A//github.com/nodejs/readable-stream.git + pkg:npm/readable-stream@3.6.2?vcs_url=git%3A%2F%2Fgithub.com%2Fnodejs%2Freadable-stream.git https://github.com/nodejs/readable-stream/issues @@ -5625,7 +5641,7 @@ MIT - pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A//github.com/feross/safe-buffer.git + pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fsafe-buffer.git https://github.com/feross/safe-buffer/issues @@ -5720,7 +5736,7 @@ ISC - pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git + pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git https://github.com/npm/node-semver/issues @@ -6178,7 +6194,7 @@ ISC - pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git + pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fssri.git https://github.com/npm/ssri/issues @@ -6474,7 +6490,7 @@ MIT - pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git + pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git https://github.com/chalk/strip-ansi/issues @@ -6637,7 +6653,7 @@ ISC - pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git + pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-tar.git https://github.com/isaacs/node-tar/issues @@ -7228,7 +7244,7 @@ MIT - pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git + pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git https://github.com/chalk/strip-ansi/issues @@ -7358,7 +7374,7 @@ ISC - pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git + pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fyallist.git https://github.com/isaacs/yallist/issues diff --git a/tests/_data/sbom_dummy-results/flat/with-prepared.snap.json b/tests/_data/sbom_dummy-results/flat/with-prepared.snap.json index 809a6eba9..9da3e621e 100644 --- a/tests/_data/sbom_dummy-results/flat/with-prepared.snap.json +++ b/tests/_data/sbom_dummy-results/flat/with-prepared.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "with-prepared", @@ -319,7 +342,7 @@ } } ], - "purl": "pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A//github.com/oozcitak/infra.git", + "purl": "pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Foozcitak%2Finfra.git", "externalReferences": [ { "url": "http://github.com/oozcitak/infra/issues", @@ -406,7 +429,7 @@ } } ], - "purl": "pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A//github.com/oozcitak/util.git", + "purl": "pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A%2F%2Fgithub.com%2Foozcitak%2Futil.git", "externalReferences": [ { "url": "http://github.com/oozcitak/util/issues", @@ -806,7 +829,7 @@ } } ], - "purl": "pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A//github.com/ajv-validator/ajv.git", + "purl": "pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fajv-validator%2Fajv.git", "externalReferences": [ { "url": "https://github.com/ajv-validator/ajv/issues", @@ -1251,7 +1274,7 @@ } } ], - "purl": "pkg:npm/buffer@5.7.1?vcs_url=git%3A//github.com/feross/buffer.git", + "purl": "pkg:npm/buffer@5.7.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fbuffer.git", "externalReferences": [ { "url": "https://github.com/feross/buffer/issues", @@ -1383,7 +1406,7 @@ } } ], - "purl": "pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ansi-regex.git", + "purl": "pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fansi-regex.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/ansi-regex/issues", @@ -1423,7 +1446,7 @@ } } ], - "purl": "pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/builtin-modules.git", + "purl": "pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fbuiltin-modules.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/builtin-modules/issues", @@ -1463,7 +1486,7 @@ } } ], - "purl": "pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/camelcase.git", + "purl": "pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcamelcase.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/camelcase/issues", @@ -1503,7 +1526,7 @@ } } ], - "purl": "pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/cliui.git", + "purl": "pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fcliui.git", "externalReferences": [ { "url": "https://github.com/bcoe/cliui/issues", @@ -1543,7 +1566,7 @@ } } ], - "purl": "pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/code-point-at.git", + "purl": "pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcode-point-at.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/code-point-at/issues", @@ -1583,7 +1606,7 @@ } } ], - "purl": "pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/decamelize.git", + "purl": "pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fdecamelize.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/decamelize/issues", @@ -1622,7 +1645,7 @@ } } ], - "purl": "pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A//github.com/qix-/node-error-ex.git", + "purl": "pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-error-ex.git", "externalReferences": [ { "url": "https://github.com/qix-/node-error-ex/issues", @@ -1662,7 +1685,7 @@ } } ], - "purl": "pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/escape-string-regexp.git", + "purl": "pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fescape-string-regexp.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/escape-string-regexp/issues", @@ -1702,7 +1725,7 @@ } } ], - "purl": "pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/find-up.git", + "purl": "pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Ffind-up.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/find-up/issues", @@ -1741,7 +1764,7 @@ } } ], - "purl": "pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git", + "purl": "pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-graceful-fs.git", "externalReferences": [ { "url": "https://github.com/isaacs/node-graceful-fs/issues", @@ -1781,7 +1804,7 @@ } } ], - "purl": "pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git", + "purl": "pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fhosted-git-info.git", "externalReferences": [ { "url": "https://github.com/npm/hosted-git-info/issues", @@ -1821,7 +1844,7 @@ } } ], - "purl": "pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/invert-kv.git", + "purl": "pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Finvert-kv.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/invert-kv/issues", @@ -1861,7 +1884,7 @@ } } ], - "purl": "pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A//github.com/qix-/node-is-arrayish.git", + "purl": "pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-is-arrayish.git", "externalReferences": [ { "url": "https://github.com/qix-/node-is-arrayish/issues", @@ -1901,7 +1924,7 @@ } } ], - "purl": "pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-builtin-module.git", + "purl": "pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-builtin-module.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/is-builtin-module/issues", @@ -1941,7 +1964,7 @@ } } ], - "purl": "pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git", + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-fullwidth-code-point.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", @@ -1981,7 +2004,7 @@ } } ], - "purl": "pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A//github.com/wayfind/is-utf8.git", + "purl": "pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fwayfind%2Fis-utf8.git", "externalReferences": [ { "url": "https://github.com/wayfind/is-utf8/issues", @@ -2021,7 +2044,7 @@ } } ], - "purl": "pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/lcid.git", + "purl": "pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Flcid.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/lcid/issues", @@ -2061,7 +2084,7 @@ } } ], - "purl": "pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/load-json-file.git", + "purl": "pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fload-json-file.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/load-json-file/issues", @@ -2101,7 +2124,7 @@ } } ], - "purl": "pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git", + "purl": "pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git", "externalReferences": [ { "url": "https://github.com/lodash/lodash/issues", @@ -2141,7 +2164,7 @@ } } ], - "purl": "pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git", + "purl": "pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git", "externalReferences": [ { "url": "https://github.com/lodash/lodash/issues", @@ -2181,7 +2204,7 @@ } } ], - "purl": "pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git", + "purl": "pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git", "externalReferences": [ { "url": "https://github.com/lodash/lodash/issues", @@ -2221,7 +2244,7 @@ } } ], - "purl": "pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A//github.com/npm/normalize-package-data.git", + "purl": "pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A%2F%2Fgithub.com%2Fnpm%2Fnormalize-package-data.git", "externalReferences": [ { "url": "https://github.com/npm/normalize-package-data/issues", @@ -2261,7 +2284,7 @@ } } ], - "purl": "pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/number-is-nan.git", + "purl": "pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fnumber-is-nan.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/number-is-nan/issues", @@ -2301,7 +2324,7 @@ } } ], - "purl": "pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/object-assign.git", + "purl": "pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fobject-assign.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/object-assign/issues", @@ -2341,7 +2364,7 @@ } } ], - "purl": "pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/os-locale.git", + "purl": "pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fos-locale.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/os-locale/issues", @@ -2381,7 +2404,7 @@ } } ], - "purl": "pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/parse-json.git", + "purl": "pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fparse-json.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/parse-json/issues", @@ -2421,7 +2444,7 @@ } } ], - "purl": "pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-exists.git", + "purl": "pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-exists.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/path-exists/issues", @@ -2461,7 +2484,7 @@ } } ], - "purl": "pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-type.git", + "purl": "pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-type.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/path-type/issues", @@ -2501,7 +2524,7 @@ } } ], - "purl": "pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pify.git", + "purl": "pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpify.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/pify/issues", @@ -2541,7 +2564,7 @@ } } ], - "purl": "pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie-promise.git", + "purl": "pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie-promise.git", "externalReferences": [ { "url": "https://github.com/floatdrop/pinkie-promise/issues", @@ -2581,7 +2604,7 @@ } } ], - "purl": "pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie.git", + "purl": "pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie.git", "externalReferences": [ { "url": "https://github.com/floatdrop/pinkie/issues", @@ -2621,7 +2644,7 @@ } } ], - "purl": "pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pkg-conf.git", + "purl": "pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpkg-conf.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/pkg-conf/issues", @@ -2661,7 +2684,7 @@ } } ], - "purl": "pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg-up.git", + "purl": "pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg-up.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/read-pkg-up/issues", @@ -2701,7 +2724,7 @@ } } ], - "purl": "pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg.git", + "purl": "pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/read-pkg/issues", @@ -2741,7 +2764,7 @@ } } ], - "purl": "pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A//git%40github.com/yargs/require-main-filename.git", + "purl": "pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Frequire-main-filename.git", "externalReferences": [ { "url": "https://github.com/yargs/require-main-filename/issues", @@ -2780,7 +2803,7 @@ } } ], - "purl": "pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "purl": "pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git", "externalReferences": [ { "url": "https://github.com/npm/node-semver/issues", @@ -2820,7 +2843,7 @@ } } ], - "purl": "pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-correct.js.git", + "purl": "pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-correct.js.git", "externalReferences": [ { "url": "https://github.com/kemitchell/spdx-correct.js/issues", @@ -2860,7 +2883,7 @@ } } ], - "purl": "pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git", + "purl": "pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-exceptions.json.git", "externalReferences": [ { "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", @@ -2898,7 +2921,7 @@ "acknowledgement": "declared" } ], - "purl": "pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-expression-parse.js.git", + "purl": "pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-expression-parse.js.git", "externalReferences": [ { "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues", @@ -2938,7 +2961,7 @@ } } ], - "purl": "pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A//github.com/shinnn/spdx-license-ids.git", + "purl": "pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fshinnn%2Fspdx-license-ids.git", "externalReferences": [ { "url": "https://github.com/shinnn/spdx-license-ids/issues", @@ -2978,7 +3001,7 @@ } } ], - "purl": "pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "purl": "pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstring-width.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/string-width/issues", @@ -3018,7 +3041,7 @@ } } ], - "purl": "pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "purl": "pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/strip-ansi/issues", @@ -3058,7 +3081,7 @@ } } ], - "purl": "pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/strip-bom.git", + "purl": "pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstrip-bom.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/strip-bom/issues", @@ -3098,7 +3121,7 @@ } } ], - "purl": "pkg:npm/symbol@0.2.1?vcs_url=git%3A//github.com/seanmonstar/symbol.git", + "purl": "pkg:npm/symbol@0.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Fseanmonstar%2Fsymbol.git", "externalReferences": [ { "url": "https://github.com/seanmonstar/symbol/issues", @@ -3138,7 +3161,7 @@ } } ], - "purl": "pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git", + "purl": "pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fvalidate-npm-package-license.js.git", "externalReferences": [ { "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", @@ -3178,7 +3201,7 @@ } } ], - "purl": "pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A//github.com/jonschlinkert/window-size.git", + "purl": "pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjonschlinkert%2Fwindow-size.git", "externalReferences": [ { "url": "https://github.com/jonschlinkert/window-size/issues", @@ -3218,7 +3241,7 @@ } } ], - "purl": "pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "purl": "pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fwrap-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/wrap-ansi/issues", @@ -3258,7 +3281,7 @@ } } ], - "purl": "pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/y18n.git", + "purl": "pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fy18n.git", "externalReferences": [ { "url": "https://github.com/bcoe/y18n/issues", @@ -3298,7 +3321,7 @@ } } ], - "purl": "pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A//git%40github.com/yargs/yargs-parser.git", + "purl": "pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Fyargs-parser.git", "externalReferences": [ { "url": "https://github.com/yargs/yargs-parser/issues", @@ -3337,7 +3360,7 @@ } } ], - "purl": "pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/yargs.git", + "purl": "pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fyargs.git", "externalReferences": [ { "url": "https://github.com/bcoe/yargs/issues", @@ -5229,7 +5252,7 @@ } } ], - "purl": "pkg:npm/inherits@2.0.4?vcs_url=git%3A//github.com/isaacs/inherits.git", + "purl": "pkg:npm/inherits@2.0.4?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Finherits.git", "externalReferences": [ { "url": "https://github.com/isaacs/inherits/issues", @@ -6034,7 +6057,7 @@ } } ], - "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git", + "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminipass-flush.git", "externalReferences": [ { "url": "https://github.com/isaacs/minipass-flush/issues", @@ -6328,7 +6351,7 @@ } } ], - "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git", + "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminizlib.git", "externalReferences": [ { "url": "https://github.com/isaacs/minizlib/issues", @@ -6906,7 +6929,7 @@ } } ], - "purl": "pkg:npm/once@1.4.0?vcs_url=git%3A//github.com/isaacs/once.git", + "purl": "pkg:npm/once@1.4.0?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Fonce.git", "externalReferences": [ { "url": "https://github.com/isaacs/once/issues", @@ -7216,7 +7239,7 @@ } } ], - "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fproc-log.git", "externalReferences": [ { "url": "https://github.com/npm/proc-log/issues", @@ -7523,7 +7546,7 @@ } } ], - "purl": "pkg:npm/readable-stream@3.6.2?vcs_url=git%3A//github.com/nodejs/readable-stream.git", + "purl": "pkg:npm/readable-stream@3.6.2?vcs_url=git%3A%2F%2Fgithub.com%2Fnodejs%2Freadable-stream.git", "externalReferences": [ { "url": "https://github.com/nodejs/readable-stream/issues", @@ -7698,7 +7721,7 @@ } } ], - "purl": "pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A//github.com/feross/safe-buffer.git", + "purl": "pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fsafe-buffer.git", "externalReferences": [ { "url": "https://github.com/feross/safe-buffer/issues", @@ -7828,7 +7851,7 @@ } } ], - "purl": "pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "purl": "pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git", "externalReferences": [ { "url": "https://github.com/npm/node-semver/issues", @@ -8453,7 +8476,7 @@ } } ], - "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git", + "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fssri.git", "externalReferences": [ { "url": "https://github.com/npm/ssri/issues", @@ -8856,7 +8879,7 @@ } } ], - "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/strip-ansi/issues", @@ -9078,7 +9101,7 @@ } } ], - "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git", + "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-tar.git", "externalReferences": [ { "url": "https://github.com/isaacs/node-tar/issues", @@ -9884,7 +9907,7 @@ } } ], - "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/strip-ansi/issues", @@ -10061,7 +10084,7 @@ } } ], - "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git", + "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fyallist.git", "externalReferences": [ { "url": "https://github.com/isaacs/yallist/issues", diff --git a/tests/_data/sbom_dummy-results/flat/with-prepared.snap.xml b/tests/_data/sbom_dummy-results/flat/with-prepared.snap.xml index 729261a56..b565c3fcc 100644 --- a/tests/_data/sbom_dummy-results/flat/with-prepared.snap.xml +++ b/tests/_data/sbom_dummy-results/flat/with-prepared.snap.xml @@ -2,48 +2,64 @@ - - npm - npmVersion-testing - - - @cyclonedx - cyclonedx-library - libVersion-testing - - - https://github.com/CycloneDX/cyclonedx-javascript-library/issues - as detected from PackageJson property "bugs.url" - - - git+https://github.com/CycloneDX/cyclonedx-javascript-library.git - as detected from PackageJson property "repository.url" - - - https://github.com/CycloneDX/cyclonedx-javascript-library#readme - as detected from PackageJson property "homepage" - - - - - @cyclonedx - cyclonedx-npm - thisVersion-testing - - - https://github.com/CycloneDX/cyclonedx-node-npm/issues - as detected from PackageJson property "bugs.url" - - - git+https://github.com/CycloneDX/cyclonedx-node-npm.git - as detected from PackageJson property "repository.url" - - - https://github.com/CycloneDX/cyclonedx-node-npm#readme - as detected from PackageJson property "homepage" - - - + + + npm + npmVersion-testing + + + Jan Kowalleck + @cyclonedx + cyclonedx-library + 7.1.0 + Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser). + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-javascript-library/issues + as detected from PackageJson property "bugs.url" + + + git+https://github.com/CycloneDX/cyclonedx-javascript-library.git + as detected from PackageJson property "repository.url" + + + https://github.com/CycloneDX/cyclonedx-javascript-library#readme + as detected from PackageJson property "homepage" + + + + + Jan Kowalleck + @cyclonedx + cyclonedx-npm + thisVersion-testing + Create CycloneDX Software Bill of Materials (SBOM) from NPM projects. + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-node-npm/issues + as detected from PackageJson property "bugs.url" + + + git+https://github.com/CycloneDX/cyclonedx-node-npm.git + as detected from PackageJson property "repository.url" + + + https://github.com/CycloneDX/cyclonedx-node-npm#readme + as detected from PackageJson property "homepage" + + + + @dummy-projects @@ -237,7 +253,7 @@ MIT - pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A//github.com/oozcitak/infra.git + pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Foozcitak%2Finfra.git http://github.com/oozcitak/infra/issues @@ -301,7 +317,7 @@ MIT - pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A//github.com/oozcitak/util.git + pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A%2F%2Fgithub.com%2Foozcitak%2Futil.git http://github.com/oozcitak/util/issues @@ -594,7 +610,7 @@ MIT - pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A//github.com/ajv-validator/ajv.git + pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fajv-validator%2Fajv.git https://github.com/ajv-validator/ajv/issues @@ -920,7 +936,7 @@ MIT - pkg:npm/buffer@5.7.1?vcs_url=git%3A//github.com/feross/buffer.git + pkg:npm/buffer@5.7.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fbuffer.git https://github.com/feross/buffer/issues @@ -1017,7 +1033,7 @@ MIT - pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ansi-regex.git + pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fansi-regex.git https://github.com/sindresorhus/ansi-regex/issues @@ -1046,7 +1062,7 @@ MIT - pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/builtin-modules.git + pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fbuiltin-modules.git https://github.com/sindresorhus/builtin-modules/issues @@ -1075,7 +1091,7 @@ MIT - pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/camelcase.git + pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcamelcase.git https://github.com/sindresorhus/camelcase/issues @@ -1104,7 +1120,7 @@ ISC - pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/cliui.git + pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fcliui.git https://github.com/bcoe/cliui/issues @@ -1133,7 +1149,7 @@ MIT - pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/code-point-at.git + pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcode-point-at.git https://github.com/sindresorhus/code-point-at/issues @@ -1162,7 +1178,7 @@ MIT - pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/decamelize.git + pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fdecamelize.git https://github.com/sindresorhus/decamelize/issues @@ -1190,7 +1206,7 @@ MIT - pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A//github.com/qix-/node-error-ex.git + pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-error-ex.git https://github.com/qix-/node-error-ex/issues @@ -1219,7 +1235,7 @@ MIT - pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/escape-string-regexp.git + pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fescape-string-regexp.git https://github.com/sindresorhus/escape-string-regexp/issues @@ -1248,7 +1264,7 @@ MIT - pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/find-up.git + pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Ffind-up.git https://github.com/sindresorhus/find-up/issues @@ -1276,7 +1292,7 @@ ISC - pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git + pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-graceful-fs.git https://github.com/isaacs/node-graceful-fs/issues @@ -1305,7 +1321,7 @@ ISC - pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git + pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fhosted-git-info.git https://github.com/npm/hosted-git-info/issues @@ -1334,7 +1350,7 @@ MIT - pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/invert-kv.git + pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Finvert-kv.git https://github.com/sindresorhus/invert-kv/issues @@ -1363,7 +1379,7 @@ MIT - pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A//github.com/qix-/node-is-arrayish.git + pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-is-arrayish.git https://github.com/qix-/node-is-arrayish/issues @@ -1392,7 +1408,7 @@ MIT - pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-builtin-module.git + pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-builtin-module.git https://github.com/sindresorhus/is-builtin-module/issues @@ -1421,7 +1437,7 @@ MIT - pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git + pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-fullwidth-code-point.git https://github.com/sindresorhus/is-fullwidth-code-point/issues @@ -1450,7 +1466,7 @@ MIT - pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A//github.com/wayfind/is-utf8.git + pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fwayfind%2Fis-utf8.git https://github.com/wayfind/is-utf8/issues @@ -1479,7 +1495,7 @@ MIT - pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/lcid.git + pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Flcid.git https://github.com/sindresorhus/lcid/issues @@ -1508,7 +1524,7 @@ MIT - pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/load-json-file.git + pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fload-json-file.git https://github.com/sindresorhus/load-json-file/issues @@ -1537,7 +1553,7 @@ MIT - pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git + pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git https://github.com/lodash/lodash/issues @@ -1566,7 +1582,7 @@ MIT - pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git + pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git https://github.com/lodash/lodash/issues @@ -1595,7 +1611,7 @@ MIT - pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git + pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git https://github.com/lodash/lodash/issues @@ -1624,7 +1640,7 @@ BSD-2-Clause - pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A//github.com/npm/normalize-package-data.git + pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A%2F%2Fgithub.com%2Fnpm%2Fnormalize-package-data.git https://github.com/npm/normalize-package-data/issues @@ -1653,7 +1669,7 @@ MIT - pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/number-is-nan.git + pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fnumber-is-nan.git https://github.com/sindresorhus/number-is-nan/issues @@ -1682,7 +1698,7 @@ MIT - pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/object-assign.git + pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fobject-assign.git https://github.com/sindresorhus/object-assign/issues @@ -1711,7 +1727,7 @@ MIT - pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/os-locale.git + pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fos-locale.git https://github.com/sindresorhus/os-locale/issues @@ -1740,7 +1756,7 @@ MIT - pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/parse-json.git + pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fparse-json.git https://github.com/sindresorhus/parse-json/issues @@ -1769,7 +1785,7 @@ MIT - pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-exists.git + pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-exists.git https://github.com/sindresorhus/path-exists/issues @@ -1798,7 +1814,7 @@ MIT - pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-type.git + pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-type.git https://github.com/sindresorhus/path-type/issues @@ -1827,7 +1843,7 @@ MIT - pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pify.git + pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpify.git https://github.com/sindresorhus/pify/issues @@ -1856,7 +1872,7 @@ MIT - pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie-promise.git + pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie-promise.git https://github.com/floatdrop/pinkie-promise/issues @@ -1885,7 +1901,7 @@ MIT - pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie.git + pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie.git https://github.com/floatdrop/pinkie/issues @@ -1914,7 +1930,7 @@ MIT - pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pkg-conf.git + pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpkg-conf.git https://github.com/sindresorhus/pkg-conf/issues @@ -1943,7 +1959,7 @@ MIT - pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg-up.git + pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg-up.git https://github.com/sindresorhus/read-pkg-up/issues @@ -1972,7 +1988,7 @@ MIT - pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg.git + pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg.git https://github.com/sindresorhus/read-pkg/issues @@ -2001,7 +2017,7 @@ ISC - pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A//git%40github.com/yargs/require-main-filename.git + pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Frequire-main-filename.git https://github.com/yargs/require-main-filename/issues @@ -2029,7 +2045,7 @@ ISC - pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git + pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git https://github.com/npm/node-semver/issues @@ -2058,7 +2074,7 @@ Apache-2.0 - pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-correct.js.git + pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-correct.js.git https://github.com/kemitchell/spdx-correct.js/issues @@ -2087,7 +2103,7 @@ CC-BY-3.0 - pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git + pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-exceptions.json.git https://github.com/kemitchell/spdx-exceptions.json/issues @@ -2114,7 +2130,7 @@ (MIT AND CC-BY-3.0) - pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-expression-parse.js.git + pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-expression-parse.js.git https://github.com/kemitchell/spdx-expression-parse.js/issues @@ -2143,7 +2159,7 @@ Unlicense - pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A//github.com/shinnn/spdx-license-ids.git + pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fshinnn%2Fspdx-license-ids.git https://github.com/shinnn/spdx-license-ids/issues @@ -2172,7 +2188,7 @@ MIT - pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git + pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstring-width.git https://github.com/sindresorhus/string-width/issues @@ -2201,7 +2217,7 @@ MIT - pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git + pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git https://github.com/chalk/strip-ansi/issues @@ -2230,7 +2246,7 @@ MIT - pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/strip-bom.git + pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstrip-bom.git https://github.com/sindresorhus/strip-bom/issues @@ -2259,7 +2275,7 @@ MPLv2.0 - pkg:npm/symbol@0.2.1?vcs_url=git%3A//github.com/seanmonstar/symbol.git + pkg:npm/symbol@0.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Fseanmonstar%2Fsymbol.git https://github.com/seanmonstar/symbol/issues @@ -2288,7 +2304,7 @@ Apache-2.0 - pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git + pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fvalidate-npm-package-license.js.git https://github.com/kemitchell/validate-npm-package-license.js/issues @@ -2317,7 +2333,7 @@ MIT - pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A//github.com/jonschlinkert/window-size.git + pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjonschlinkert%2Fwindow-size.git https://github.com/jonschlinkert/window-size/issues @@ -2346,7 +2362,7 @@ MIT - pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git + pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fwrap-ansi.git https://github.com/chalk/wrap-ansi/issues @@ -2375,7 +2391,7 @@ ISC - pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/y18n.git + pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fy18n.git https://github.com/bcoe/y18n/issues @@ -2404,7 +2420,7 @@ ISC - pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A//git%40github.com/yargs/yargs-parser.git + pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Fyargs-parser.git https://github.com/yargs/yargs-parser/issues @@ -2432,7 +2448,7 @@ MIT - pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/yargs.git + pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fyargs.git https://github.com/bcoe/yargs/issues @@ -3818,7 +3834,7 @@ ISC - pkg:npm/inherits@2.0.4?vcs_url=git%3A//github.com/isaacs/inherits.git + pkg:npm/inherits@2.0.4?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Finherits.git https://github.com/isaacs/inherits/issues @@ -4408,7 +4424,7 @@ ISC - pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git + pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminipass-flush.git https://github.com/isaacs/minipass-flush/issues @@ -4623,7 +4639,7 @@ MIT - pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git + pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminizlib.git https://github.com/isaacs/minizlib/issues @@ -5046,7 +5062,7 @@ ISC - pkg:npm/once@1.4.0?vcs_url=git%3A//github.com/isaacs/once.git + pkg:npm/once@1.4.0?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Fonce.git https://github.com/isaacs/once/issues @@ -5273,7 +5289,7 @@ ISC - pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git + pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fproc-log.git https://github.com/npm/proc-log/issues @@ -5497,7 +5513,7 @@ MIT - pkg:npm/readable-stream@3.6.2?vcs_url=git%3A//github.com/nodejs/readable-stream.git + pkg:npm/readable-stream@3.6.2?vcs_url=git%3A%2F%2Fgithub.com%2Fnodejs%2Freadable-stream.git https://github.com/nodejs/readable-stream/issues @@ -5625,7 +5641,7 @@ MIT - pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A//github.com/feross/safe-buffer.git + pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fsafe-buffer.git https://github.com/feross/safe-buffer/issues @@ -5720,7 +5736,7 @@ ISC - pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git + pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git https://github.com/npm/node-semver/issues @@ -6178,7 +6194,7 @@ ISC - pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git + pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fssri.git https://github.com/npm/ssri/issues @@ -6474,7 +6490,7 @@ MIT - pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git + pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git https://github.com/chalk/strip-ansi/issues @@ -6637,7 +6653,7 @@ ISC - pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git + pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-tar.git https://github.com/isaacs/node-tar/issues @@ -7228,7 +7244,7 @@ MIT - pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git + pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git https://github.com/chalk/strip-ansi/issues @@ -7358,7 +7374,7 @@ ISC - pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git + pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fyallist.git https://github.com/isaacs/yallist/issues diff --git a/tests/_data/sbom_dummy-results/with-licenses/with-prepared.snap.json b/tests/_data/sbom_dummy-results/with-licenses/with-prepared.snap.json index 5236faa92..439e528b3 100644 --- a/tests/_data/sbom_dummy-results/with-licenses/with-prepared.snap.json +++ b/tests/_data/sbom_dummy-results/with-licenses/with-prepared.snap.json @@ -4,56 +4,79 @@ "specVersion": "1.6", "version": 1, "metadata": { - "tools": [ - { - "name": "npm", - "version": "npmVersion-testing" - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-library", - "version": "libVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - }, - { - "vendor": "@cyclonedx", - "name": "cyclonedx-npm", - "version": "thisVersion-testing", - "externalReferences": [ - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", - "type": "issue-tracker", - "comment": "as detected from PackageJson property \"bugs.url\"" - }, - { - "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", - "type": "vcs", - "comment": "as detected from PackageJson property \"repository.url\"" - }, - { - "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", - "type": "website", - "comment": "as detected from PackageJson property \"homepage\"" - } - ] - } - ], + "tools": { + "components": [ + { + "type": "application", + "name": "npm", + "version": "npmVersion-testing" + }, + { + "type": "library", + "name": "cyclonedx-library", + "group": "@cyclonedx", + "version": "libVersion-testing", + "author": "Jan Kowalleck", + "description": "Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-javascript-library.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-javascript-library#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + }, + { + "type": "application", + "name": "cyclonedx-npm", + "group": "@cyclonedx", + "version": "thisVersion-testing", + "author": "Jan Kowalleck", + "description": "Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.", + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm/issues", + "type": "issue-tracker", + "comment": "as detected from PackageJson property \"bugs.url\"" + }, + { + "url": "git+https://github.com/CycloneDX/cyclonedx-node-npm.git", + "type": "vcs", + "comment": "as detected from PackageJson property \"repository.url\"" + }, + { + "url": "https://github.com/CycloneDX/cyclonedx-node-npm#readme", + "type": "website", + "comment": "as detected from PackageJson property \"homepage\"" + } + ] + } + ] + }, "component": { "type": "application", "name": "with-prepared", @@ -400,7 +423,7 @@ } } ], - "purl": "pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A//github.com/oozcitak/infra.git", + "purl": "pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Foozcitak%2Finfra.git", "externalReferences": [ { "url": "http://github.com/oozcitak/infra/issues", @@ -515,7 +538,7 @@ } } ], - "purl": "pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A//github.com/oozcitak/util.git", + "purl": "pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A%2F%2Fgithub.com%2Foozcitak%2Futil.git", "externalReferences": [ { "url": "http://github.com/oozcitak/util/issues", @@ -1041,7 +1064,7 @@ } } ], - "purl": "pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A//github.com/ajv-validator/ajv.git", + "purl": "pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fajv-validator%2Fajv.git", "externalReferences": [ { "url": "https://github.com/ajv-validator/ajv/issues", @@ -1626,7 +1649,7 @@ } } ], - "purl": "pkg:npm/buffer@5.7.1?vcs_url=git%3A//github.com/feross/buffer.git", + "purl": "pkg:npm/buffer@5.7.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fbuffer.git", "externalReferences": [ { "url": "https://github.com/feross/buffer/issues", @@ -1786,7 +1809,7 @@ } } ], - "purl": "pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ansi-regex.git", + "purl": "pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fansi-regex.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/ansi-regex/issues", @@ -1840,7 +1863,7 @@ } } ], - "purl": "pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/builtin-modules.git", + "purl": "pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fbuiltin-modules.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/builtin-modules/issues", @@ -1894,7 +1917,7 @@ } } ], - "purl": "pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/camelcase.git", + "purl": "pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcamelcase.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/camelcase/issues", @@ -1948,7 +1971,7 @@ } } ], - "purl": "pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/cliui.git", + "purl": "pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fcliui.git", "externalReferences": [ { "url": "https://github.com/bcoe/cliui/issues", @@ -2002,7 +2025,7 @@ } } ], - "purl": "pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/code-point-at.git", + "purl": "pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcode-point-at.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/code-point-at/issues", @@ -2056,7 +2079,7 @@ } } ], - "purl": "pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/decamelize.git", + "purl": "pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fdecamelize.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/decamelize/issues", @@ -2109,7 +2132,7 @@ } } ], - "purl": "pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A//github.com/qix-/node-error-ex.git", + "purl": "pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-error-ex.git", "externalReferences": [ { "url": "https://github.com/qix-/node-error-ex/issues", @@ -2163,7 +2186,7 @@ } } ], - "purl": "pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/escape-string-regexp.git", + "purl": "pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fescape-string-regexp.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/escape-string-regexp/issues", @@ -2217,7 +2240,7 @@ } } ], - "purl": "pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/find-up.git", + "purl": "pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Ffind-up.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/find-up/issues", @@ -2270,7 +2293,7 @@ } } ], - "purl": "pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git", + "purl": "pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-graceful-fs.git", "externalReferences": [ { "url": "https://github.com/isaacs/node-graceful-fs/issues", @@ -2324,7 +2347,7 @@ } } ], - "purl": "pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git", + "purl": "pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fhosted-git-info.git", "externalReferences": [ { "url": "https://github.com/npm/hosted-git-info/issues", @@ -2378,7 +2401,7 @@ } } ], - "purl": "pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/invert-kv.git", + "purl": "pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Finvert-kv.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/invert-kv/issues", @@ -2419,7 +2442,7 @@ } } ], - "purl": "pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A//github.com/qix-/node-is-arrayish.git", + "purl": "pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-is-arrayish.git", "externalReferences": [ { "url": "https://github.com/qix-/node-is-arrayish/issues", @@ -2473,7 +2496,7 @@ } } ], - "purl": "pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-builtin-module.git", + "purl": "pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-builtin-module.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/is-builtin-module/issues", @@ -2527,7 +2550,7 @@ } } ], - "purl": "pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git", + "purl": "pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-fullwidth-code-point.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/is-fullwidth-code-point/issues", @@ -2581,7 +2604,7 @@ } } ], - "purl": "pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A//github.com/wayfind/is-utf8.git", + "purl": "pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fwayfind%2Fis-utf8.git", "externalReferences": [ { "url": "https://github.com/wayfind/is-utf8/issues", @@ -2635,7 +2658,7 @@ } } ], - "purl": "pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/lcid.git", + "purl": "pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Flcid.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/lcid/issues", @@ -2689,7 +2712,7 @@ } } ], - "purl": "pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/load-json-file.git", + "purl": "pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fload-json-file.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/load-json-file/issues", @@ -2743,7 +2766,7 @@ } } ], - "purl": "pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git", + "purl": "pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git", "externalReferences": [ { "url": "https://github.com/lodash/lodash/issues", @@ -2797,7 +2820,7 @@ } } ], - "purl": "pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git", + "purl": "pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git", "externalReferences": [ { "url": "https://github.com/lodash/lodash/issues", @@ -2851,7 +2874,7 @@ } } ], - "purl": "pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git", + "purl": "pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git", "externalReferences": [ { "url": "https://github.com/lodash/lodash/issues", @@ -2905,7 +2928,7 @@ } } ], - "purl": "pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A//github.com/npm/normalize-package-data.git", + "purl": "pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A%2F%2Fgithub.com%2Fnpm%2Fnormalize-package-data.git", "externalReferences": [ { "url": "https://github.com/npm/normalize-package-data/issues", @@ -2959,7 +2982,7 @@ } } ], - "purl": "pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/number-is-nan.git", + "purl": "pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fnumber-is-nan.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/number-is-nan/issues", @@ -3013,7 +3036,7 @@ } } ], - "purl": "pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/object-assign.git", + "purl": "pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fobject-assign.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/object-assign/issues", @@ -3067,7 +3090,7 @@ } } ], - "purl": "pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/os-locale.git", + "purl": "pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fos-locale.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/os-locale/issues", @@ -3121,7 +3144,7 @@ } } ], - "purl": "pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/parse-json.git", + "purl": "pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fparse-json.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/parse-json/issues", @@ -3175,7 +3198,7 @@ } } ], - "purl": "pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-exists.git", + "purl": "pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-exists.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/path-exists/issues", @@ -3229,7 +3252,7 @@ } } ], - "purl": "pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-type.git", + "purl": "pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-type.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/path-type/issues", @@ -3283,7 +3306,7 @@ } } ], - "purl": "pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pify.git", + "purl": "pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpify.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/pify/issues", @@ -3337,7 +3360,7 @@ } } ], - "purl": "pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie-promise.git", + "purl": "pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie-promise.git", "externalReferences": [ { "url": "https://github.com/floatdrop/pinkie-promise/issues", @@ -3391,7 +3414,7 @@ } } ], - "purl": "pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie.git", + "purl": "pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie.git", "externalReferences": [ { "url": "https://github.com/floatdrop/pinkie/issues", @@ -3445,7 +3468,7 @@ } } ], - "purl": "pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pkg-conf.git", + "purl": "pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpkg-conf.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/pkg-conf/issues", @@ -3499,7 +3522,7 @@ } } ], - "purl": "pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg-up.git", + "purl": "pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg-up.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/read-pkg-up/issues", @@ -3553,7 +3576,7 @@ } } ], - "purl": "pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg.git", + "purl": "pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/read-pkg/issues", @@ -3607,7 +3630,7 @@ } } ], - "purl": "pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A//git%40github.com/yargs/require-main-filename.git", + "purl": "pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Frequire-main-filename.git", "externalReferences": [ { "url": "https://github.com/yargs/require-main-filename/issues", @@ -3660,7 +3683,7 @@ } } ], - "purl": "pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "purl": "pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git", "externalReferences": [ { "url": "https://github.com/npm/node-semver/issues", @@ -3714,7 +3737,7 @@ } } ], - "purl": "pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-correct.js.git", + "purl": "pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-correct.js.git", "externalReferences": [ { "url": "https://github.com/kemitchell/spdx-correct.js/issues", @@ -3768,7 +3791,7 @@ } } ], - "purl": "pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git", + "purl": "pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-exceptions.json.git", "externalReferences": [ { "url": "https://github.com/kemitchell/spdx-exceptions.json/issues", @@ -3807,7 +3830,7 @@ "acknowledgement": "declared" } ], - "purl": "pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-expression-parse.js.git", + "purl": "pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-expression-parse.js.git", "externalReferences": [ { "url": "https://github.com/kemitchell/spdx-expression-parse.js/issues", @@ -3861,7 +3884,7 @@ } } ], - "purl": "pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A//github.com/shinnn/spdx-license-ids.git", + "purl": "pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fshinnn%2Fspdx-license-ids.git", "externalReferences": [ { "url": "https://github.com/shinnn/spdx-license-ids/issues", @@ -3915,7 +3938,7 @@ } } ], - "purl": "pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git", + "purl": "pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstring-width.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/string-width/issues", @@ -3969,7 +3992,7 @@ } } ], - "purl": "pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "purl": "pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/strip-ansi/issues", @@ -4023,7 +4046,7 @@ } } ], - "purl": "pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/strip-bom.git", + "purl": "pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstrip-bom.git", "externalReferences": [ { "url": "https://github.com/sindresorhus/strip-bom/issues", @@ -4077,7 +4100,7 @@ } } ], - "purl": "pkg:npm/symbol@0.2.1?vcs_url=git%3A//github.com/seanmonstar/symbol.git", + "purl": "pkg:npm/symbol@0.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Fseanmonstar%2Fsymbol.git", "externalReferences": [ { "url": "https://github.com/seanmonstar/symbol/issues", @@ -4131,7 +4154,7 @@ } } ], - "purl": "pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git", + "purl": "pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fvalidate-npm-package-license.js.git", "externalReferences": [ { "url": "https://github.com/kemitchell/validate-npm-package-license.js/issues", @@ -4185,7 +4208,7 @@ } } ], - "purl": "pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A//github.com/jonschlinkert/window-size.git", + "purl": "pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjonschlinkert%2Fwindow-size.git", "externalReferences": [ { "url": "https://github.com/jonschlinkert/window-size/issues", @@ -4239,7 +4262,7 @@ } } ], - "purl": "pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git", + "purl": "pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fwrap-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/wrap-ansi/issues", @@ -4293,7 +4316,7 @@ } } ], - "purl": "pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/y18n.git", + "purl": "pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fy18n.git", "externalReferences": [ { "url": "https://github.com/bcoe/y18n/issues", @@ -4334,7 +4357,7 @@ } } ], - "purl": "pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A//git%40github.com/yargs/yargs-parser.git", + "purl": "pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Fyargs-parser.git", "externalReferences": [ { "url": "https://github.com/yargs/yargs-parser/issues", @@ -4387,7 +4410,7 @@ } } ], - "purl": "pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/yargs.git", + "purl": "pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fyargs.git", "externalReferences": [ { "url": "https://github.com/bcoe/yargs/issues", @@ -6842,7 +6865,7 @@ } } ], - "purl": "pkg:npm/inherits@2.0.4?vcs_url=git%3A//github.com/isaacs/inherits.git", + "purl": "pkg:npm/inherits@2.0.4?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Finherits.git", "externalReferences": [ { "url": "https://github.com/isaacs/inherits/issues", @@ -7899,7 +7922,7 @@ } } ], - "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git", + "purl": "pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminipass-flush.git", "externalReferences": [ { "url": "https://github.com/isaacs/minipass-flush/issues", @@ -8291,7 +8314,7 @@ } } ], - "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git", + "purl": "pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminizlib.git", "externalReferences": [ { "url": "https://github.com/isaacs/minizlib/issues", @@ -9051,7 +9074,7 @@ } } ], - "purl": "pkg:npm/once@1.4.0?vcs_url=git%3A//github.com/isaacs/once.git", + "purl": "pkg:npm/once@1.4.0?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Fonce.git", "externalReferences": [ { "url": "https://github.com/isaacs/once/issues", @@ -9459,7 +9482,7 @@ } } ], - "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git", + "purl": "pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fproc-log.git", "externalReferences": [ { "url": "https://github.com/npm/proc-log/issues", @@ -9861,7 +9884,7 @@ } } ], - "purl": "pkg:npm/readable-stream@3.6.2?vcs_url=git%3A//github.com/nodejs/readable-stream.git", + "purl": "pkg:npm/readable-stream@3.6.2?vcs_url=git%3A%2F%2Fgithub.com%2Fnodejs%2Freadable-stream.git", "externalReferences": [ { "url": "https://github.com/nodejs/readable-stream/issues", @@ -10092,7 +10115,7 @@ } } ], - "purl": "pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A//github.com/feross/safe-buffer.git", + "purl": "pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fsafe-buffer.git", "externalReferences": [ { "url": "https://github.com/feross/safe-buffer/issues", @@ -10251,7 +10274,7 @@ } } ], - "purl": "pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git", + "purl": "pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git", "externalReferences": [ { "url": "https://github.com/npm/node-semver/issues", @@ -11046,7 +11069,7 @@ } } ], - "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git", + "purl": "pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fssri.git", "externalReferences": [ { "url": "https://github.com/npm/ssri/issues", @@ -11575,7 +11598,7 @@ } } ], - "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "purl": "pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/strip-ansi/issues", @@ -11867,7 +11890,7 @@ } } ], - "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git", + "purl": "pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-tar.git", "externalReferences": [ { "url": "https://github.com/isaacs/node-tar/issues", @@ -12898,7 +12921,7 @@ } } ], - "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git", + "purl": "pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git", "externalReferences": [ { "url": "https://github.com/chalk/strip-ansi/issues", @@ -13145,7 +13168,7 @@ } } ], - "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git", + "purl": "pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fyallist.git", "externalReferences": [ { "url": "https://github.com/isaacs/yallist/issues", diff --git a/tests/_data/sbom_dummy-results/with-licenses/with-prepared.snap.xml b/tests/_data/sbom_dummy-results/with-licenses/with-prepared.snap.xml index 0d44168eb..c9b137e51 100644 --- a/tests/_data/sbom_dummy-results/with-licenses/with-prepared.snap.xml +++ b/tests/_data/sbom_dummy-results/with-licenses/with-prepared.snap.xml @@ -2,48 +2,64 @@ - - npm - npmVersion-testing - - - @cyclonedx - cyclonedx-library - libVersion-testing - - - https://github.com/CycloneDX/cyclonedx-javascript-library/issues - as detected from PackageJson property "bugs.url" - - - git+https://github.com/CycloneDX/cyclonedx-javascript-library.git - as detected from PackageJson property "repository.url" - - - https://github.com/CycloneDX/cyclonedx-javascript-library#readme - as detected from PackageJson property "homepage" - - - - - @cyclonedx - cyclonedx-npm - thisVersion-testing - - - https://github.com/CycloneDX/cyclonedx-node-npm/issues - as detected from PackageJson property "bugs.url" - - - git+https://github.com/CycloneDX/cyclonedx-node-npm.git - as detected from PackageJson property "repository.url" - - - https://github.com/CycloneDX/cyclonedx-node-npm#readme - as detected from PackageJson property "homepage" - - - + + + npm + npmVersion-testing + + + Jan Kowalleck + @cyclonedx + cyclonedx-library + 7.1.0 + Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser). + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-javascript-library/issues + as detected from PackageJson property "bugs.url" + + + git+https://github.com/CycloneDX/cyclonedx-javascript-library.git + as detected from PackageJson property "repository.url" + + + https://github.com/CycloneDX/cyclonedx-javascript-library#readme + as detected from PackageJson property "homepage" + + + + + Jan Kowalleck + @cyclonedx + cyclonedx-npm + thisVersion-testing + Create CycloneDX Software Bill of Materials (SBOM) from NPM projects. + + + Apache-2.0 + + + + + https://github.com/CycloneDX/cyclonedx-node-npm/issues + as detected from PackageJson property "bugs.url" + + + git+https://github.com/CycloneDX/cyclonedx-node-npm.git + as detected from PackageJson property "repository.url" + + + https://github.com/CycloneDX/cyclonedx-node-npm#readme + as detected from PackageJson property "homepage" + + + + @dummy-projects @@ -282,7 +298,7 @@ MIT - pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A//github.com/oozcitak/infra.git + pkg:npm/%40oozcitak/infra@1.0.8?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Foozcitak%2Finfra.git http://github.com/oozcitak/infra/issues @@ -362,7 +378,7 @@ MIT - pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A//github.com/oozcitak/util.git + pkg:npm/%40oozcitak/util@8.3.8?vcs_url=git%3A%2F%2Fgithub.com%2Foozcitak%2Futil.git http://github.com/oozcitak/util/issues @@ -727,7 +743,7 @@ MIT - pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A//github.com/ajv-validator/ajv.git + pkg:npm/ajv@8.17.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fajv-validator%2Fajv.git https://github.com/ajv-validator/ajv/issues @@ -1133,7 +1149,7 @@ MIT - pkg:npm/buffer@5.7.1?vcs_url=git%3A//github.com/feross/buffer.git + pkg:npm/buffer@5.7.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fbuffer.git https://github.com/feross/buffer/issues @@ -1246,7 +1262,7 @@ MIT - pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/ansi-regex.git + pkg:npm/ansi-regex@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fansi-regex.git https://github.com/sindresorhus/ansi-regex/issues @@ -1283,7 +1299,7 @@ MIT - pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/builtin-modules.git + pkg:npm/builtin-modules@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fbuiltin-modules.git https://github.com/sindresorhus/builtin-modules/issues @@ -1320,7 +1336,7 @@ MIT - pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/camelcase.git + pkg:npm/camelcase@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcamelcase.git https://github.com/sindresorhus/camelcase/issues @@ -1357,7 +1373,7 @@ ISC - pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/cliui.git + pkg:npm/cliui@3.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fcliui.git https://github.com/bcoe/cliui/issues @@ -1394,7 +1410,7 @@ MIT - pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/code-point-at.git + pkg:npm/code-point-at@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fcode-point-at.git https://github.com/sindresorhus/code-point-at/issues @@ -1431,7 +1447,7 @@ MIT - pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/decamelize.git + pkg:npm/decamelize@1.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fdecamelize.git https://github.com/sindresorhus/decamelize/issues @@ -1467,7 +1483,7 @@ MIT - pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A//github.com/qix-/node-error-ex.git + pkg:npm/error-ex@1.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-error-ex.git https://github.com/qix-/node-error-ex/issues @@ -1504,7 +1520,7 @@ MIT - pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/escape-string-regexp.git + pkg:npm/escape-string-regexp@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fescape-string-regexp.git https://github.com/sindresorhus/escape-string-regexp/issues @@ -1541,7 +1557,7 @@ MIT - pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/find-up.git + pkg:npm/find-up@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Ffind-up.git https://github.com/sindresorhus/find-up/issues @@ -1577,7 +1593,7 @@ ISC - pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-graceful-fs.git + pkg:npm/graceful-fs@4.1.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-graceful-fs.git https://github.com/isaacs/node-graceful-fs/issues @@ -1614,7 +1630,7 @@ ISC - pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A//github.com/npm/hosted-git-info.git + pkg:npm/hosted-git-info@2.1.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fhosted-git-info.git https://github.com/npm/hosted-git-info/issues @@ -1651,7 +1667,7 @@ MIT - pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/invert-kv.git + pkg:npm/invert-kv@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Finvert-kv.git https://github.com/sindresorhus/invert-kv/issues @@ -1681,7 +1697,7 @@ MIT - pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A//github.com/qix-/node-is-arrayish.git + pkg:npm/is-arrayish@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fqix-%2Fnode-is-arrayish.git https://github.com/qix-/node-is-arrayish/issues @@ -1718,7 +1734,7 @@ MIT - pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-builtin-module.git + pkg:npm/is-builtin-module@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-builtin-module.git https://github.com/sindresorhus/is-builtin-module/issues @@ -1755,7 +1771,7 @@ MIT - pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/is-fullwidth-code-point.git + pkg:npm/is-fullwidth-code-point@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fis-fullwidth-code-point.git https://github.com/sindresorhus/is-fullwidth-code-point/issues @@ -1792,7 +1808,7 @@ MIT - pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A//github.com/wayfind/is-utf8.git + pkg:npm/is-utf8@0.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fwayfind%2Fis-utf8.git https://github.com/wayfind/is-utf8/issues @@ -1829,7 +1845,7 @@ MIT - pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/lcid.git + pkg:npm/lcid@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Flcid.git https://github.com/sindresorhus/lcid/issues @@ -1866,7 +1882,7 @@ MIT - pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/load-json-file.git + pkg:npm/load-json-file@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fload-json-file.git https://github.com/sindresorhus/load-json-file/issues @@ -1903,7 +1919,7 @@ MIT - pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git + pkg:npm/lodash.assign@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git https://github.com/lodash/lodash/issues @@ -1940,7 +1956,7 @@ MIT - pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git + pkg:npm/lodash.keys@4.0.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git https://github.com/lodash/lodash/issues @@ -1977,7 +1993,7 @@ MIT - pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A//github.com/lodash/lodash.git + pkg:npm/lodash.rest@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Flodash%2Flodash.git https://github.com/lodash/lodash/issues @@ -2014,7 +2030,7 @@ BSD-2-Clause - pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A//github.com/npm/normalize-package-data.git + pkg:npm/normalize-package-data@2.3.5?vcs_url=git%3A%2F%2Fgithub.com%2Fnpm%2Fnormalize-package-data.git https://github.com/npm/normalize-package-data/issues @@ -2051,7 +2067,7 @@ MIT - pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/number-is-nan.git + pkg:npm/number-is-nan@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fnumber-is-nan.git https://github.com/sindresorhus/number-is-nan/issues @@ -2088,7 +2104,7 @@ MIT - pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/object-assign.git + pkg:npm/object-assign@4.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fobject-assign.git https://github.com/sindresorhus/object-assign/issues @@ -2125,7 +2141,7 @@ MIT - pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/os-locale.git + pkg:npm/os-locale@1.4.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fos-locale.git https://github.com/sindresorhus/os-locale/issues @@ -2162,7 +2178,7 @@ MIT - pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/parse-json.git + pkg:npm/parse-json@2.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fparse-json.git https://github.com/sindresorhus/parse-json/issues @@ -2199,7 +2215,7 @@ MIT - pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-exists.git + pkg:npm/path-exists@2.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-exists.git https://github.com/sindresorhus/path-exists/issues @@ -2236,7 +2252,7 @@ MIT - pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/path-type.git + pkg:npm/path-type@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpath-type.git https://github.com/sindresorhus/path-type/issues @@ -2273,7 +2289,7 @@ MIT - pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pify.git + pkg:npm/pify@2.3.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpify.git https://github.com/sindresorhus/pify/issues @@ -2310,7 +2326,7 @@ MIT - pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie-promise.git + pkg:npm/pinkie-promise@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie-promise.git https://github.com/floatdrop/pinkie-promise/issues @@ -2347,7 +2363,7 @@ MIT - pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A//github.com/floatdrop/pinkie.git + pkg:npm/pinkie@2.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Ffloatdrop%2Fpinkie.git https://github.com/floatdrop/pinkie/issues @@ -2384,7 +2400,7 @@ MIT - pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/pkg-conf.git + pkg:npm/pkg-conf@1.1.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fpkg-conf.git https://github.com/sindresorhus/pkg-conf/issues @@ -2421,7 +2437,7 @@ MIT - pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg-up.git + pkg:npm/read-pkg-up@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg-up.git https://github.com/sindresorhus/read-pkg-up/issues @@ -2458,7 +2474,7 @@ MIT - pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/read-pkg.git + pkg:npm/read-pkg@1.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fread-pkg.git https://github.com/sindresorhus/read-pkg/issues @@ -2495,7 +2511,7 @@ ISC - pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A//git%40github.com/yargs/require-main-filename.git + pkg:npm/require-main-filename@1.0.1?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Frequire-main-filename.git https://github.com/yargs/require-main-filename/issues @@ -2531,7 +2547,7 @@ ISC - pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git + pkg:npm/semver@5.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git https://github.com/npm/node-semver/issues @@ -2568,7 +2584,7 @@ Apache-2.0 - pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-correct.js.git + pkg:npm/spdx-correct@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-correct.js.git https://github.com/kemitchell/spdx-correct.js/issues @@ -2605,7 +2621,7 @@ CC-BY-3.0 - pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-exceptions.json.git + pkg:npm/spdx-exceptions@1.0.4?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-exceptions.json.git https://github.com/kemitchell/spdx-exceptions.json/issues @@ -2633,7 +2649,7 @@ (MIT AND CC-BY-3.0) - pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A//github.com/kemitchell/spdx-expression-parse.js.git + pkg:npm/spdx-expression-parse@1.0.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fspdx-expression-parse.js.git https://github.com/kemitchell/spdx-expression-parse.js/issues @@ -2670,7 +2686,7 @@ Unlicense - pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A//github.com/shinnn/spdx-license-ids.git + pkg:npm/spdx-license-ids@1.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fshinnn%2Fspdx-license-ids.git https://github.com/shinnn/spdx-license-ids/issues @@ -2707,7 +2723,7 @@ MIT - pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/string-width.git + pkg:npm/string-width@1.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstring-width.git https://github.com/sindresorhus/string-width/issues @@ -2744,7 +2760,7 @@ MIT - pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git + pkg:npm/strip-ansi@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git https://github.com/chalk/strip-ansi/issues @@ -2781,7 +2797,7 @@ MIT - pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A//github.com/sindresorhus/strip-bom.git + pkg:npm/strip-bom@2.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fsindresorhus%2Fstrip-bom.git https://github.com/sindresorhus/strip-bom/issues @@ -2818,7 +2834,7 @@ MPLv2.0 - pkg:npm/symbol@0.2.1?vcs_url=git%3A//github.com/seanmonstar/symbol.git + pkg:npm/symbol@0.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Fseanmonstar%2Fsymbol.git https://github.com/seanmonstar/symbol/issues @@ -2855,7 +2871,7 @@ Apache-2.0 - pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A//github.com/kemitchell/validate-npm-package-license.js.git + pkg:npm/validate-npm-package-license@3.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fkemitchell%2Fvalidate-npm-package-license.js.git https://github.com/kemitchell/validate-npm-package-license.js/issues @@ -2892,7 +2908,7 @@ MIT - pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A//github.com/jonschlinkert/window-size.git + pkg:npm/window-size@0.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fjonschlinkert%2Fwindow-size.git https://github.com/jonschlinkert/window-size/issues @@ -2929,7 +2945,7 @@ MIT - pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A//github.com/chalk/wrap-ansi.git + pkg:npm/wrap-ansi@1.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fwrap-ansi.git https://github.com/chalk/wrap-ansi/issues @@ -2966,7 +2982,7 @@ ISC - pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/y18n.git + pkg:npm/y18n@3.2.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fy18n.git https://github.com/bcoe/y18n/issues @@ -2996,7 +3012,7 @@ ISC - pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A//git%40github.com/yargs/yargs-parser.git + pkg:npm/yargs-parser@2.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fyargs%2Fyargs-parser.git https://github.com/yargs/yargs-parser/issues @@ -3032,7 +3048,7 @@ MIT - pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A//git%40github.com/bcoe/yargs.git + pkg:npm/yargs@4.1.0?vcs_url=git%2Bssh%3A%2F%2Fgit%40github.com%2Fbcoe%2Fyargs.git https://github.com/bcoe/yargs/issues @@ -4741,7 +4757,7 @@ ISC - pkg:npm/inherits@2.0.4?vcs_url=git%3A//github.com/isaacs/inherits.git + pkg:npm/inherits@2.0.4?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Finherits.git https://github.com/isaacs/inherits/issues @@ -5475,7 +5491,7 @@ ISC - pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A//github.com/isaacs/minipass-flush.git + pkg:npm/minipass-flush@1.0.5?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminipass-flush.git https://github.com/isaacs/minipass-flush/issues @@ -5746,7 +5762,7 @@ MIT - pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A//github.com/isaacs/minizlib.git + pkg:npm/minizlib@2.1.2?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fminizlib.git https://github.com/isaacs/minizlib/issues @@ -6273,7 +6289,7 @@ ISC - pkg:npm/once@1.4.0?vcs_url=git%3A//github.com/isaacs/once.git + pkg:npm/once@1.4.0?vcs_url=git%3A%2F%2Fgithub.com%2Fisaacs%2Fonce.git https://github.com/isaacs/once/issues @@ -6556,7 +6572,7 @@ ISC - pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A//github.com/npm/proc-log.git + pkg:npm/proc-log@4.2.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fproc-log.git https://github.com/npm/proc-log/issues @@ -6833,7 +6849,7 @@ MIT - pkg:npm/readable-stream@3.6.2?vcs_url=git%3A//github.com/nodejs/readable-stream.git + pkg:npm/readable-stream@3.6.2?vcs_url=git%3A%2F%2Fgithub.com%2Fnodejs%2Freadable-stream.git https://github.com/nodejs/readable-stream/issues @@ -6993,7 +7009,7 @@ MIT - pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A//github.com/feross/safe-buffer.git + pkg:npm/safe-buffer@5.2.1?vcs_url=git%3A%2F%2Fgithub.com%2Ffeross%2Fsafe-buffer.git https://github.com/feross/safe-buffer/issues @@ -7105,7 +7121,7 @@ ISC - pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A//github.com/npm/node-semver.git + pkg:npm/semver@7.6.3?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fnode-semver.git https://github.com/npm/node-semver/issues @@ -7661,7 +7677,7 @@ ISC - pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A//github.com/npm/ssri.git + pkg:npm/ssri@10.0.6?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fnpm%2Fssri.git https://github.com/npm/ssri/issues @@ -8029,7 +8045,7 @@ MIT - pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git + pkg:npm/strip-ansi@7.1.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git https://github.com/chalk/strip-ansi/issues @@ -8232,7 +8248,7 @@ ISC - pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A//github.com/isaacs/node-tar.git + pkg:npm/tar@6.2.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fnode-tar.git https://github.com/isaacs/node-tar/issues @@ -8952,7 +8968,7 @@ MIT - pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A//github.com/chalk/strip-ansi.git + pkg:npm/strip-ansi@6.0.1?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fchalk%2Fstrip-ansi.git https://github.com/chalk/strip-ansi/issues @@ -9122,7 +9138,7 @@ ISC - pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A//github.com/isaacs/yallist.git + pkg:npm/yallist@4.0.0?vcs_url=git%2Bhttps%3A%2F%2Fgithub.com%2Fisaacs%2Fyallist.git https://github.com/isaacs/yallist/issues diff --git a/tests/_helper/index.js b/tests/_helper/index.js index c3ea4fd6e..1c2ea4613 100644 --- a/tests/_helper/index.js +++ b/tests/_helper/index.js @@ -71,6 +71,7 @@ function makeReproducible (format, data) { function makeJsonReproducible (json) { return json .replace( + // replace npm in metadata.tools[].version new RegExp( ' "name": "npm",\n' + ' "version": ".+?"' @@ -78,7 +79,15 @@ function makeJsonReproducible (json) { ' "name": "npm",\n' + ' "version": "npmVersion-testing"' ).replace( - // replace metadata.tools.version + // replace npm in metadata.tools.components[].version + new RegExp( + ' "name": "npm",\n' + + ' "version": ".+?"' + ), + ' "name": "npm",\n' + + ' "version": "npmVersion-testing"' + ).replace( + // replace self metadata.tools[].version ' "vendor": "@cyclonedx",\n' + ' "name": "cyclonedx-npm",\n' + ` "version": ${JSON.stringify(thisVersion)}`, @@ -86,7 +95,17 @@ function makeJsonReproducible (json) { ' "name": "cyclonedx-npm",\n' + ' "version": "thisVersion-testing"' ).replace( - // replace metadata.tools.version + // replace self metadata.tools.components[].version + ' "type": "application",\n' + + ' "name": "cyclonedx-npm",\n' + + ' "group": "@cyclonedx",\n' + + ` "version": ${JSON.stringify(thisVersion)}`, + ' "type": "application",\n' + + ' "name": "cyclonedx-npm",\n' + + ' "group": "@cyclonedx",\n' + + ' "version": "thisVersion-testing"' + ).replace( + // replace library metadata.tools[].version new RegExp( ' "vendor": "@cyclonedx",\n' + ' "name": "cyclonedx-library",\n' + @@ -95,6 +114,18 @@ function makeJsonReproducible (json) { ' "vendor": "@cyclonedx",\n' + ' "name": "cyclonedx-library",\n' + ' "version": "libVersion-testing"' + ).replace( + // replace library metadata.tools.components[].version + new RegExp( + ' "type": "library",\n' + + ' "name": "cyclonedx-library",\n' + + ' "group": "@cyclonedx",\n' + + ' "version": ".+?"' + ), + ' "type": "library",\n' + + ' "name": "cyclonedx-library",\n' + + ' "group": "@cyclonedx",\n' + + ' "version": "libVersion-testing"' ) } @@ -107,7 +138,7 @@ function makeJsonReproducible (json) { function makeXmlReproducible (xml) { return xml .replace( - // replace metadata.tools.version + // replace npm in metadata.tools[].version new RegExp( ' npm\n' + ' .+?' @@ -115,7 +146,15 @@ function makeXmlReproducible (xml) { ' npm\n' + ' npmVersion-testing' ).replace( - // replace metadata.tools.version + // replace npm in metadata.tools.components[].version + new RegExp( + ' npm\n' + + ' .+?' + ), + ' npm\n' + + ' npmVersion-testing' + ).replace( + // replace metadata.tools[].version ' @cyclonedx\n' + ' cyclonedx-npm\n' + ` ${thisVersion}`, @@ -123,7 +162,15 @@ function makeXmlReproducible (xml) { ' cyclonedx-npm\n' + ' thisVersion-testing' ).replace( - // replace metadata.tools.version + // replace metadata.tools.components[].version + ' @cyclonedx\n' + + ' cyclonedx-npm\n' + + ` ${thisVersion}`, + ' @cyclonedx\n' + + ' cyclonedx-npm\n' + + ' thisVersion-testing' + ).replace( + // replace metadata.tools[].version new RegExp( ' @cyclonedx\n' + ' cyclonedx-library\n' + @@ -133,12 +180,13 @@ function makeXmlReproducible (xml) { ' cyclonedx-library\n' + ' libVersion-testing' ).replace( - new RegExp( - ' npm\n' + - ' .+?' - ), - ' npm\n' + - ' npmVersion-testing' + // replace metadata.tools.components[].version + ' @cyclonedx\n' + + ' cyclonedx-library\n' + + ' .+?', + ' @cyclonedx\n' + + ' cyclonedx-library\n' + + ' libVersion-testing' ) }