use of UUID corrected within unit tests prior to completing JSON unit tests

madpah · madpah · commit c362254498fd · 2023-01-27T09:27:21.000Z
Signed-off-by: Paul Horton &lt;paul.horton@owasp.org&gt;
diff --git a/cyclonedx/model/component.py b/cyclonedx/model/component.py
@@ -21,6 +21,7 @@
 from enum import Enum
 from os.path import exists
 from typing import Any, Iterable, Optional, Set, Union
+from uuid import uuid4
 
 # See https://github.com/package-url/packageurl-python/issues/65
 import serializable
@@ -767,7 +768,10 @@ def __init__(self, *, name: str, type_: ComponentType = ComponentType.LIBRARY,
                  ) -> None:
         self.type_ = type_
         self.mime_type = mime_type
-        self._bom_ref = BomRef(value=bom_ref) if type(bom_ref) == str else bom_ref
+        if type(bom_ref) == BomRef:
+            self._bom_ref = bom_ref
+        else:
+            self._bom_ref = BomRef(value=str(bom_ref) if bom_ref else str(uuid4()))
         self.supplier = supplier
         self.author = author
         self.publisher = publisher
@@ -1269,7 +1273,7 @@ def __hash__(self) -> int:
         ))
 
     def __repr__(self) -> str:
-        return f'<Component bom-ref={self.bom_ref.value}, group={self.group}, name={self.name}, ' \
+        return f'<Component bom-ref={self.bom_ref}, group={self.group}, name={self.name}, ' \
                f'version={self.version}, type={self.type_}>'
 
     # Deprecated methods
diff --git a/cyclonedx/model/dependency.py b/cyclonedx/model/dependency.py
@@ -72,8 +72,8 @@ def __eq__(self, other: object) -> bool:
 
     def __lt__(self, other: Any) -> bool:
         if isinstance(other, Dependency):
-            return ComparableTuple((self.ref.value, tuple(self.dependencies))) < ComparableTuple(
-                (other.ref.value, tuple(other.dependencies)))
+            return ComparableTuple((self.ref, tuple(self.dependencies))) < ComparableTuple(
+                (other.ref, tuple(other.dependencies)))
         return NotImplemented
 
     def __hash__(self) -> int:
diff --git a/cyclonedx/model/service.py b/cyclonedx/model/service.py
@@ -19,6 +19,7 @@
 
 import serializable
 from sortedcontainers import SortedSet
+from uuid import uuid4
 
 from cyclonedx.serialization import BomRefHelper
 
@@ -63,7 +64,10 @@ def __init__(self, *, name: str, bom_ref: Optional[Union[str, BomRef]] = None, p
                  services: Optional[Iterable['Service']] = None,
                  release_notes: Optional[ReleaseNotes] = None,
                  ) -> None:
-        self._bom_ref = BomRef(value=bom_ref) if type(bom_ref) == str else bom_ref
+        if type(bom_ref) == BomRef:
+            self._bom_ref = bom_ref
+        else:
+            self._bom_ref = BomRef(value=str(bom_ref) if bom_ref else str(uuid4()))
         self.provider = provider
         self.group = group
         self.name = name
@@ -348,4 +352,4 @@ def __hash__(self) -> int:
         ))
 
     def __repr__(self) -> str:
-        return f'<Service bom-ref={self.bom_ref.value}, group={self.group}, name={self.name}, version={self.version}>'
+        return f'<Service bom-ref={self.bom_ref}, group={self.group}, name={self.name}, version={self.version}>'
diff --git a/cyclonedx/model/vulnerability.py b/cyclonedx/model/vulnerability.py
@@ -23,6 +23,7 @@
 from decimal import Decimal
 from enum import Enum
 from typing import Any, Iterable, Optional, Tuple, Union
+from uuid import uuid4
 
 import serializable
 from sortedcontainers import SortedSet
@@ -835,7 +836,10 @@ def __init__(self, *, bom_ref: Optional[Union[str, BomRef]] = None, id_: Optiona
                  # Deprecated Parameters kept for backwards compatibility
                  source_name: Optional[str] = None, source_url: Optional[str] = None,
                  recommendations: Optional[Iterable[str]] = None) -> None:
-        self._bom_ref = BomRef(value=bom_ref) if type(bom_ref) == str else bom_ref
+        if type(bom_ref) == BomRef:
+            self._bom_ref = bom_ref
+        else:
+            self._bom_ref = BomRef(value=str(bom_ref) if bom_ref else str(uuid4()))
         self.id_ = id_
         self.source = source
         self.references = references or []  # type: ignore
diff --git a/tests/data.py b/tests/data.py
@@ -21,6 +21,7 @@
 from datetime import datetime, timezone
 from decimal import Decimal
 from typing import List, Optional, TypeVar
+from uuid import UUID
 
 # See https://github.com/package-url/packageurl-python/issues/65
 from packageurl import PackageURL  # type: ignore
@@ -85,10 +86,14 @@
 MOCK_UUID_4 = 'cd3e9c95-9d41-49e7-9924-8cf0465ae789'
 MOCK_UUID_5 = 'bb5911d6-1a1d-41c9-b6e0-46e848d16655'
 MOCK_UUID_6 = 'df70b5f1-8f53-47a4-be48-669ae78795e6'
-MOCK_BOM_UUID_1 = '3e671687-395b-41f5-a30f-a58921a69b79'
+MOCK_UUID_7 = UUID('6f266d1c-760f-4552-ae3b-41a9b74232fa')
+MOCK_UUID_8 = UUID('77d15ab9-5602-4cca-8ed2-59ae579aafd3')
+MOCK_UUID_9 = UUID('859ff614-35a7-4d37-803b-d89130cb2577')
+MOCK_UUID_10 = UUID('0afa65bc-4acd-428b-9e17-8e97b1969745')
+MOCK_BOM_UUID_1 = UUID('3e671687-395b-41f5-a30f-a58921a69b79')
 
 TEST_UUIDS = [
-    MOCK_UUID_1, MOCK_UUID_2, MOCK_UUID_3, MOCK_UUID_4, MOCK_UUID_5, MOCK_UUID_6
+    UUID(MOCK_UUID_1), UUID(MOCK_UUID_2), UUID(MOCK_UUID_3), UUID(MOCK_UUID_4), UUID(MOCK_UUID_5), UUID(MOCK_UUID_6)
 ]
 
 
diff --git a/tests/fixtures/json/1.2/bom_services_complex.json b/tests/fixtures/json/1.2/bom_services_complex.json
@@ -15,7 +15,7 @@
     ],
     "component": {
       "type": "library",
-      "bom-ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda",
+      "bom-ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655",
       "name": "cyclonedx-python-lib",
       "version": "1.0.0"
     }
@@ -76,7 +76,7 @@
   ],
   "dependencies": [
     {
-      "ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda"
+      "ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655"
     },
     {
       "ref": "my-specific-bom-ref-for-my-first-service"
diff --git a/tests/fixtures/json/1.2/bom_services_simple.json b/tests/fixtures/json/1.2/bom_services_simple.json
@@ -15,7 +15,7 @@
     ],
     "component": {
       "type": "library",
-      "bom-ref": "0b049d09-64c0-4490-a0f5-c84d9aacf857",
+      "bom-ref": "df70b5f1-8f53-47a4-be48-669ae78795e6",
       "name": "cyclonedx-python-lib",
       "version": "1.0.0"
     }
@@ -38,7 +38,7 @@
       "ref": "be2c6502-7e9a-47db-9a66-e34f729810a3"
     },
     {
-      "ref": "0b049d09-64c0-4490-a0f5-c84d9aacf857"
+      "ref": "df70b5f1-8f53-47a4-be48-669ae78795e6"
     }
   ]
 }
diff --git a/tests/fixtures/json/1.3/bom_services_complex.json b/tests/fixtures/json/1.3/bom_services_complex.json
@@ -15,7 +15,7 @@
     ],
     "component": {
       "type": "library",
-      "bom-ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda",
+      "bom-ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655",
       "name": "cyclonedx-python-lib",
       "version": "1.0.0"
     }
@@ -98,7 +98,7 @@
       "ref": "be2c6502-7e9a-47db-9a66-e34f729810a3"
     },
     {
-      "ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda"
+      "ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655"
     }
   ]
 }
diff --git a/tests/fixtures/json/1.3/bom_services_simple.json b/tests/fixtures/json/1.3/bom_services_simple.json
@@ -15,7 +15,7 @@
     ],
     "component": {
       "type": "library",
-      "bom-ref": "0b049d09-64c0-4490-a0f5-c84d9aacf857",
+      "bom-ref": "df70b5f1-8f53-47a4-be48-669ae78795e6",
       "name": "cyclonedx-python-lib",
       "version": "1.0.0"
     }
@@ -38,7 +38,7 @@
       "ref": "be2c6502-7e9a-47db-9a66-e34f729810a3"
     },
     {
-      "ref": "0b049d09-64c0-4490-a0f5-c84d9aacf857"
+      "ref": "df70b5f1-8f53-47a4-be48-669ae78795e6"
     }
   ]
 }
diff --git a/tests/fixtures/json/1.4/bom_services_complex.json b/tests/fixtures/json/1.4/bom_services_complex.json
@@ -49,7 +49,7 @@
     ],
     "component": {
       "type": "library",
-      "bom-ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda",
+      "bom-ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655",
       "name": "cyclonedx-python-lib",
       "version": "1.0.0"
     }
@@ -185,7 +185,7 @@
   ],
   "dependencies": [
     {
-      "ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda"
+      "ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655"
     },
     {
       "ref": "my-specific-bom-ref-for-my-first-service"
diff --git a/tests/fixtures/json/1.4/bom_services_simple.json b/tests/fixtures/json/1.4/bom_services_simple.json
@@ -49,7 +49,7 @@
     ],
     "component": {
       "type": "library",
-      "bom-ref": "0b049d09-64c0-4490-a0f5-c84d9aacf857",
+      "bom-ref": "df70b5f1-8f53-47a4-be48-669ae78795e6",
       "name": "cyclonedx-python-lib",
       "version": "1.0.0"
     }
@@ -66,7 +66,7 @@
   ],
   "dependencies": [
     {
-      "ref": "0b049d09-64c0-4490-a0f5-c84d9aacf857"
+      "ref": "df70b5f1-8f53-47a4-be48-669ae78795e6"
     },
     {
       "ref": "be2c6502-7e9a-47db-9a66-e34f729810a3"
diff --git a/tests/fixtures/xml/1.2/bom_services_complex.xml b/tests/fixtures/xml/1.2/bom_services_complex.xml
@@ -10,7 +10,7 @@
                 <version>TESTING</version>
             </tool>
         </tools>
-        <component type="library" bom-ref="17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda">
+        <component type="library" bom-ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789">
             <name>cyclonedx-python-lib</name>
             <version>1.0.0</version>
         </component>
@@ -58,7 +58,7 @@
         </service>
     </services>
     <dependencies>
-        <dependency ref="17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda"/>
+        <dependency ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789"/>
         <dependency ref="be2c6502-7e9a-47db-9a66-e34f729810a3"/>
         <dependency ref="my-specific-bom-ref-for-my-first-service"/>
     </dependencies>
diff --git a/tests/fixtures/xml/1.2/bom_services_nested.xml b/tests/fixtures/xml/1.2/bom_services_nested.xml
@@ -10,7 +10,7 @@
                 <version>TESTING</version>
             </tool>
         </tools>
-        <component type="library" bom-ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789">
+        <component type="library" bom-ref="df70b5f1-8f53-47a4-be48-669ae78795e6">
             <name>cyclonedx-python-lib</name>
             <version>1.0.0</version>
         </component>
@@ -106,7 +106,7 @@
         </service>
     </services>
     <dependencies>
-        <dependency ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789"/>
+        <dependency ref="df70b5f1-8f53-47a4-be48-669ae78795e6"/>
         <dependency ref="my-specific-bom-ref-for-my-first-service"/>
         <dependency ref="0b049d09-64c0-4490-a0f5-c84d9aacf857"/>
     </dependencies>
diff --git a/tests/fixtures/xml/1.3/bom_services_complex.xml b/tests/fixtures/xml/1.3/bom_services_complex.xml
@@ -10,7 +10,7 @@
                 <version>TESTING</version>
             </tool>
         </tools>
-        <component type="library" bom-ref="17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda">
+        <component type="library" bom-ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789">
             <name>cyclonedx-python-lib</name>
             <version>1.0.0</version>
         </component>
@@ -65,7 +65,7 @@
         </service>
     </services>
     <dependencies>
-        <dependency ref="17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda" />
+        <dependency ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789" />
         <dependency ref="my-specific-bom-ref-for-my-first-service"/>
         <dependency ref="be2c6502-7e9a-47db-9a66-e34f729810a3"/>
     </dependencies>
diff --git a/tests/fixtures/xml/1.3/bom_services_nested.xml b/tests/fixtures/xml/1.3/bom_services_nested.xml
@@ -10,7 +10,7 @@
                 <version>TESTING</version>
             </tool>
         </tools>
-        <component type="library" bom-ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789">
+        <component type="library" bom-ref="df70b5f1-8f53-47a4-be48-669ae78795e6">
             <name>cyclonedx-python-lib</name>
             <version>1.0.0</version>
         </component>
@@ -113,7 +113,7 @@
         </service>
     </services>
     <dependencies>
-        <dependency ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789"/>
+        <dependency ref="df70b5f1-8f53-47a4-be48-669ae78795e6"/>
         <dependency ref="my-specific-bom-ref-for-my-first-service"/>
         <dependency ref="0b049d09-64c0-4490-a0f5-c84d9aacf857"/>
     </dependencies>
diff --git a/tests/fixtures/xml/1.4/bom_services_complex.xml b/tests/fixtures/xml/1.4/bom_services_complex.xml
@@ -36,7 +36,7 @@
                 </externalReferences>
             </tool>
         </tools>
-        <component type="library" bom-ref="17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda">
+        <component type="library" bom-ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789">
             <name>cyclonedx-python-lib</name>
             <version>1.0.0</version>
         </component>
@@ -135,7 +135,7 @@
         </service>
     </services>
     <dependencies>
-        <dependency ref="17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda"/>
+        <dependency ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789"/>
         <dependency ref="my-specific-bom-ref-for-my-first-service"/>
         <dependency ref="be2c6502-7e9a-47db-9a66-e34f729810a3"/>
     </dependencies>
diff --git a/tests/fixtures/xml/1.4/bom_services_nested.xml b/tests/fixtures/xml/1.4/bom_services_nested.xml
@@ -36,7 +36,7 @@
                 </externalReferences>
             </tool>
         </tools>
-        <component type="library" bom-ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789">
+        <component type="library" bom-ref="df70b5f1-8f53-47a4-be48-669ae78795e6">
             <name>cyclonedx-python-lib</name>
             <version>1.0.0</version>
         </component>
@@ -183,7 +183,7 @@
         </service>
     </services>
     <dependencies>
-        <dependency ref="cd3e9c95-9d41-49e7-9924-8cf0465ae789"/>
+        <dependency ref="df70b5f1-8f53-47a4-be48-669ae78795e6"/>
         <dependency ref="my-specific-bom-ref-for-my-first-service"/>
         <dependency ref="0b049d09-64c0-4490-a0f5-c84d9aacf857" />
     </dependencies>
diff --git a/tests/test_deserialize_json.py b/tests/test_deserialize_json.py
diff --git a/tests/test_deserialize_xml.py b/tests/test_deserialize_xml.py
diff --git a/tests/test_model_component.py b/tests/test_model_component.py
diff --git a/tests/test_model_service.py b/tests/test_model_service.py
diff --git a/tests/test_model_vulnerability.py b/tests/test_model_vulnerability.py
diff --git a/tests/test_output_json.py b/tests/test_output_json.py
diff --git a/tests/test_output_xml.py b/tests/test_output_xml.py

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@`
`15`	`15`	`],`
`16`	`16`	`"component": {`
`17`	`17`	`"type": "library",`
`18`		`- "bom-ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda",`
	`18`	`+ "bom-ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655",`
`19`	`19`	`"name": "cyclonedx-python-lib",`
`20`	`20`	`"version": "1.0.0"`
`21`	`21`	`}`
`@@ -76,7 +76,7 @@`
`76`	`76`	`],`
`77`	`77`	`"dependencies": [`
`78`	`78`	`{`
`79`		`- "ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda"`
	`79`	`+ "ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655"`
`80`	`80`	`},`
`81`	`81`	`{`
`82`	`82`	`"ref": "my-specific-bom-ref-for-my-first-service"`
Original file line number	Diff line number	Diff line change
`@@ -49,7 +49,7 @@`
`49`	`49`	`],`
`50`	`50`	`"component": {`
`51`	`51`	`"type": "library",`
`52`		`- "bom-ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda",`
	`52`	`+ "bom-ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655",`
`53`	`53`	`"name": "cyclonedx-python-lib",`
`54`	`54`	`"version": "1.0.0"`
`55`	`55`	`}`
`@@ -185,7 +185,7 @@`
`185`	`185`	`],`
`186`	`186`	`"dependencies": [`
`187`	`187`	`{`
`188`		`- "ref": "17e3b199-dc0b-42ef-bfdd-1fa81a1e3eda"`
	`188`	`+ "ref": "bb5911d6-1a1d-41c9-b6e0-46e848d16655"`
`189`	`189`	`},`
`190`	`190`	`{`
`191`	`191`	`"ref": "my-specific-bom-ref-for-my-first-service"`