Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cdx-go and JSON schema inconsistency - fields missing from DataService #208

Open
c3st7n opened this issue Nov 21, 2024 · 3 comments
Open

Cdx-go and JSON schema inconsistency - fields missing from DataService #208

c3st7n opened this issue Nov 21, 2024 · 3 comments
Labels
bug Something isn't working good first issue Good for newcomers spec/1.5

Comments

@c3st7n
Copy link

c3st7n commented Nov 21, 2024

The cyclonedx-go implementation is missing all the option fields for the serviceData field.

cyclonedx-go/schema/bom-1.6.schema.json

Lines 1972 to 2046 in 8508cc1

"serviceData": {
"type": "object",
"title": "Hash Objects",
"required": [
"flow",
"classification"
],
"additionalProperties": false,
"properties": {
"flow": {
"$ref": "#/definitions/dataFlowDirection",
"title": "Directional Flow",
"description": "Specifies the flow direction of the data. Direction is relative to the service. Inbound flow states that data enters the service. Outbound flow states that data leaves the service. Bi-directional states that data flows both ways and unknown states that the direction is not known."
},
"classification": {
"$ref": "#/definitions/dataClassification"
},
"name": {
"type": "string",
"title": "Name",
"description": "Name for the defined data",
"examples": [
"Credit card reporting"
]
},
"description": {
"type": "string",
"title": "Description",
"description": "Short description of the data content and usage",
"examples": [
"Credit card information being exchanged in between the web app and the database"
]
},
"governance": {
"title": "Data Governance",
"$ref": "#/definitions/dataGovernance"
},
"source": {
"type": "array",
"items": {
"anyOf": [
{
"title": "URL",
"type": "string",
"format": "iri-reference"
},
{
"title": "BOM-Link Element",
"$ref": "#/definitions/bomLinkElementType"
}
]
},
"title": "Source",
"description": "The URI, URL, or BOM-Link of the components or services the data came in from"
},
"destination": {
"type": "array",
"items": {
"anyOf": [
{
"title": "URL",
"type": "string",
"format": "iri-reference"
},
{
"title": "BOM-Link Element",
"$ref": "#/definitions/bomLinkElementType"
}
]
},
"title": "Destination",
"description": "The URI, URL, or BOM-Link of the components or services the data is sent to"
}
}
},

In type Service:

cyclonedx-go/cyclonedx.go

Line 1288 in 8508cc1

Data *[]DataClassification `json:"data,omitempty" xml:"data>classification,omitempty"`

In type DataClassification:

cyclonedx-go/cyclonedx.go

Lines 519 to 522 in 8508cc1

type DataClassification struct {
Flow DataFlow `json:"flow" xml:"flow,attr"`
Classification string `json:"classification" xml:",chardata"`
}

The struct is missing name, description, governance, source and destination fields.
@c3st7n
Copy link
Author

c3st7n commented Dec 2, 2024

Is it possible to get some kind of triage/update on this please?

@alexowen34
Copy link

I'm also facing the same issue - it would be great if this could be updated please

@c3st7n
Copy link
Author

c3st7n commented Dec 10, 2024

@nscuro sorry to tag you directly but I see you merged the bulk of the recent PRs etc. is this something that can be triaged please?

@nscuro nscuro added bug Something isn't working good first issue Good for newcomers spec/1.5 labels Dec 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working good first issue Good for newcomers spec/1.5
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nscuro @c3st7n @alexowen34