Conversation
* Add new classes for new types * Update classes * Dev 1.7 Expression Detail (#787) * Support for license Details * Fix tests * Support for IKEV2 in 1.7 (#825) * Fix License issue serialization * Add Ike2 Proper Support * Add headers * Support patents and version-aware serialization (#827) Add polymorphic patent support and make serialization version-aware. Introduces PatentItem model plus PatentItemDeserializer, PatentsDeserializer and PatentAssertionDeserializer/Serializer to handle mixed Patent/PatentFamily entries and XML/JSON differences; updates Definition to use the polymorphic list and provides helpers for legacy access. Refactors many serializers (EnvironmentVars, InputType, ExternalReference, Hash, IkeV2Transform, etc.) and CustomSerializerModifier to honor @VersionFilter and a Version parameter, filters enum/field serialization by target BOM version, and normalizes date formatting. Also enhances OrganizationalChoice deserialization, adds properties handling to ExternalReferencesDeserializer, and small model tweaks (Component, Composition, Service, LicenseItem, PriorityApplication, FormulationCommon, Level) to align with newer schema versions. * Dev 1.7 fix model card (#829) * Use 'model-card' for MODEL_CARD external reference Update ExternalReference.MODEL_CARD to use kebab-case: change @JsonProperty and enum value from "model_card" to "model-card". This aligns the serialized name with the expected CycloneDX 1.5 naming while retaining the VersionFilter(Version.VERSION_15) annotation. * Adjust Citation & Component; delete Classifications Fix serialization and equality logic in model classes: change Citation @JsonPropertyOrder to use "bom-ref" to match the XML attribute, remove the now-unused Classifications class, and update Component.equals()/hashCode() to include newly added fields (isExternal, versionRange, patentAssertions, tags) so equality and hashing account for them. * Add related cryptographic assets and schema (#828) Introduce support for related cryptographic assets across crypto models and add a cryptography definitions schema. Changes include: - Add new RelatedCryptographicAsset model with type and ref, equals/hashCode. - Extend AlgorithmProperties, CertificateProperties, ProtocolProperties, and RelatedCryptoMaterialProperties to include List<RelatedCryptographicAsset> relatedCryptographicAssets with XML wrapper annotations, getters/setters, and include in equals/hashCode. - Annotate new fields with @VersionFilter(Version.VERSION_17) and add necessary imports. - Add cryptography-defs.schema.json resource containing algorithm family and elliptic curve metadata. - Register the new schema in CycloneDxSchema offlineMappings so it can be resolved at runtime. These changes enable expressing relationships between crypto objects and external cryptographic assets and provide a formal schema for algorithm/curve definitions. * Add CycloneDX 1.7 crypto tests; reorder JSON props (#830) Add comprehensive CycloneDX 1.7 cryptography unit tests for both JSON and XML generators (updates to BomJsonGeneratorTest and BomXmlGeneratorTest). Update schema verification to recognize -1.7 fixtures in JsonSchemaVerificationTest and XmlSchemaVerificationTest. Adjust AlgorithmProperties@JsonPropertyOrder to change the ordering of parameterSetIdentifier, curve, and ellipticCurve to match the 1.7 schema expectations. * add signature object to citations for json-based sboms (#814) * feat: add signature object to citations for json-based sboms Signed-off-by: Sebastian Tiemann <setie@mailbox.org> * revert chnage to bom reference JSON property Signed-off-by: Sebastian Tiemann <setie@mailbox.org> * Add new citation to checked amount of citation objects. Signed-off-by: Sebastian Tiemann <setie@mailbox.org> --------- Signed-off-by: Sebastian Tiemann <setie@mailbox.org> --------- Signed-off-by: Sebastian Tiemann <setie@mailbox.org> Co-authored-by: Sebastian Tiemann <setie@mailbox.org>
Up to standards ✅🟢 Issues
|
| Metric | Results |
|---|---|
| Complexity | 655 |
🟢 Coverage 71.49% diff coverage · -1.14% coverage variation
Metric Results Coverage variation ✅ -1.14% coverage variation Diff coverage ✅ 71.49% diff coverage Coverage variation details
Coverable lines Covered lines Coverage Common ancestor commit (37d5905) 6676 5061 75.81% Head commit (8a22927) 7666 (+990) 5724 (+663) 74.67% (-1.14%) Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch:
<coverage of head commit> - <coverage of common ancestor commit>Diff coverage details
Coverable lines Covered lines Diff coverage Pull request (#866) 1203 860 71.49% Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified:
<covered lines added or modified>/<coverable lines added or modified> * 100%
NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.
Update offline schema mappings to use `classpath:` URLs for `bom-1.7.schema.json` and `cryptography-defs.schema.json`, matching the existing pattern for earlier versions and ensuring local schema resolution works consistently.
nscuro
approved these changes
Jul 1, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This adds complete support for Spec 1.7 in the CycloneDX Java Core Library