Skip to content

Commit

Permalink
Merge branch 'main' into feat/improve_validation
Browse files Browse the repository at this point in the history
  • Loading branch information
mtsfoni authored Aug 11, 2024
2 parents 2fb9678 + 91cf6c6 commit 8b1cc89
Show file tree
Hide file tree
Showing 5 changed files with 1 addition and 182 deletions.
49 changes: 0 additions & 49 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -214,55 +214,6 @@ Merge two XML formatted BOMs:
Merging two BOMs and piping output to additional tools:
`cyclonedx-cli merge --input-files sbom1.xml sbom2.xml --output-format json | grep "something"`

## Rename Entity command

Rename an entity identified by "bom-ref" (formally a "refType") in the document
and/or back-references to such entity (formally a "refLinkType", typically as
a "ref" property; or certain lists' items).

```
rename-entity
Rename an entity identified by a "bom-ref" (including back-references to it) in the BOM document
Usage:
cyclonedx [options] rename-entity
Options:
--input-file <input-file> Input BOM filename.
--output-file <output-file> Output BOM filename, will write to stdout if no value provided.
--old-ref <old-ref> Old value of "bom-ref" entity identifier (or "ref" values or certain list items pointing to it).
--new-ref <new-ref> New value of "bom-ref" entity identifier (or "ref" values or certain list items pointing to it).
--input-format <autodetect|json|protobuf|xml> Specify input file format.
--output-format <autodetect|json|protobuf|xml> Specify output file format.
```

Keep in mind that these identifiers are arbitrary strings that have a meaning
within the Bom document (and should uniquely identify one entity in its scope).
While in some cases these identifiers are meaningful (e.g. "purl" values used
as "bom-ref" by the cyclonedx-maven-plugin), they may also validly be random
UUIDs or collision-prone strings like "1", "2", "3"...

They may be opportunistically used as anchors for cross-document references,
so in some cases a back-reference may point to a string for which there is no
"bom-ref" in the same document (see relevant CycloneDX specification version
for details).

This renaming operation also modifies the output document metadata, to reflect
the modification compared to the input document.

Basic error-checking, such as attempt to re-use an already existing identifier,
is performed.

### Examples

Rename an entity:
```
cyclonedx rename-entity --input-file sbom.json --output-format xml \
--oldref "pkg:maven/org.yaml/snakeyaml@1.33?type=jar" \
--newref "thirdpartylibs:org.yaml:snakeyaml:1.33:jar" \
| grep "thirdparty"
```

## Sign Command

Sign a BOM or file
Expand Down
2 changes: 1 addition & 1 deletion semver.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
0.25.1
0.26.0
101 changes: 0 additions & 101 deletions src/cyclonedx/Commands/RenameEntityCommand.cs

This file was deleted.

30 changes: 0 additions & 30 deletions src/cyclonedx/Commands/RenameEntityCommandOptions.cs

This file was deleted.

1 change: 0 additions & 1 deletion src/cyclonedx/Program.cs
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,6 @@ public static async Task<int> Main(string[] args)
DiffCommand.Configure(rootCommand);
KeyGenCommand.Configure(rootCommand);
MergeCommand.Configure(rootCommand);
RenameEntityCommand.Configure(rootCommand);
SignCommand.Configure(rootCommand);
ValidateCommand.Configure(rootCommand);
VerifyCommand.Configure(rootCommand);
Expand Down

0 comments on commit 8b1cc89

Please sign in to comment.