feat: add cyclonedx.model.dependency.Dependency.provides #691

@chistyakov

Library Version: 7.6.1

Description:

Steps to Reproduce:

  1. Use the example JSON provided in the CycloneDX bom-examples repository.
  2. Run the following script:
import json
from cyclonedx.model.bom import Bom


# source: https://github.com/CycloneDX/bom-examples/blob/c0436d86cd60693f01d19fe1aacfd01e70e17036/CBOM/Example-With-Dependencies/bom.json

sample = '''{
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
  "version": 1,
  "metadata": {
    "component": {
      "type": "application",
      "bom-ref": "acme-application",
      "name": "Acme Application",
      "version": "1.0"
    }
  },
  "components": [
    {
      "type": "cryptographic-asset",
      "bom-ref": "aes128gcm",
      "name": "AES",
      "cryptoProperties": {
        "assetType": "algorithm",
        "algorithmProperties": {
          "primitive": "ae",
          "parameterSetIdentifier": "128",
          "executionEnvironment": "software-plain-ram",
          "implementationPlatform": "x86_64",
          "certificationLevel": [ "none" ],
          "mode": "gcm",
          "cryptoFunctions": ["keygen", "encrypt", "decrypt", "tag"],
          "classicalSecurityLevel": 128,
          "nistQuantumSecurityLevel": 1
        },
        "oid": "2.16.840.1.101.3.4.1.6"
      }
    },
    {
      "type": "library",
      "bom-ref": "crypto-library",
      "name": "Crypto library",
      "version": "1.0.0"
    },
    {
      "type": "library",
      "bom-ref": "some-library",
      "name": "Some library",
      "version": "1.0.0"
    }
  ],
  "dependencies": [
    {
      "ref": "acme-application",
      "dependsOn": ["crypto-library"]
    },
    {
      "ref": "crypto-library",
      "provides": ["aes128gcm"],
      "dependsOn": ["some-library"]
    }
  ]
}'''


data = json.loads(sample)

Bom.from_json(data=data)

Observed Behavior:
The code fails with the following exception:

Traceback (most recent call last):
  ...
ValueError: Unexpected key provides/provides in data being serialized to cyclonedx.model.dependency.Dependency

Environment:

  • Python version: 3.10
  • Operating System: macOS
  • Library version: 7.6.1

Let me know if this works!
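
For reference, the relationship that the `provides` entry in the sample expresses can be read with the standard `json` module alone. This is an added example, not part of the issue and not cyclonedx-python-lib code; the function names and the trimmed sample are constructed for illustration.

```python
import json

# Constructed sample: the issue's BOM trimmed to the fields this example reads.
SAMPLE = json.loads('''{
  "metadata": {"component": {"bom-ref": "acme-application"}},
  "components": [
    {"type": "cryptographic-asset", "bom-ref": "aes128gcm", "name": "AES"},
    {"type": "library", "bom-ref": "crypto-library"},
    {"type": "library", "bom-ref": "some-library"}
  ],
  "dependencies": [
    {"ref": "acme-application", "dependsOn": ["crypto-library"]},
    {"ref": "crypto-library", "provides": ["aes128gcm"],
     "dependsOn": ["some-library"]}
  ]
}''')


def dependency_edges(bom):
    """Map each dependency ref to its (dependsOn, provides) lists (hypothetical helper)."""
    known = {c["bom-ref"] for c in bom.get("components", [])}
    known.add(bom["metadata"]["component"]["bom-ref"])
    edges = {}
    for dep in bom.get("dependencies", []):
        depends_on, provides = dep.get("dependsOn", []), dep.get("provides", [])
        # A ref that no component declares means the inventory is incomplete.
        dangling = [r for r in [dep["ref"], *depends_on, *provides] if r not in known]
        if dangling:
            raise ValueError(f"dependency refs not declared in BOM: {dangling}")
        edges[dep["ref"]] = (depends_on, provides)
    return edges


def provided_assets(bom, root):
    """Return {asset_ref: provider_ref} for everything reachable from root via dependsOn."""
    edges = dependency_edges(bom)
    found, seen, stack = {}, set(), [root]
    while stack:
        ref = stack.pop()
        if ref in seen:  # guards against dependency cycles
            continue
        seen.add(ref)
        depends_on, provides = edges.get(ref, ([], []))
        for asset in provides:
            found.setdefault(asset, ref)
        stack.extend(depends_on)
    return found


if __name__ == "__main__":
    print(provided_assets(SAMPLE, "acme-application"))
```

A parser that drops or rejects `provides` loses exactly this mapping, which is what a cryptographic inventory built from a CBOM depends on.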
