.gitignore +1 −0 @@ -125,6 +125,7 @@ celerybeat.pid # Environments .env .env* .venv env/ venv/ poetry.lock +223 −195 File changed.Preview size limit exceeded, changes collapsed. pyproject.toml +1 −1 @@ -17,7 +17,7 @@ sbom-scanner = "sbom_scanner.scan:run" [tool.poetry.dependencies] python = "^3.11" requests = "^2.32.2" cyclonedx-python-lib = "^7.4.0" cyclonedx-python-lib = "^8.5.0" [tool.poetry.group.dev.dependencies] # new development dependencies can be added with 'poetry add -D yyy' sbom_scanner/sbom_utils.py +8 −7 @@ -30,16 +30,17 @@ def load_bom(file: Path) -> Bom: try: with catch_warnings(record=True) as warnings: if file.suffix == ".xml": with open(file) as reader: if file.suffix == ".xml": bom = Bom.from_xml(reader) else: with open(file) as reader: # NOTE: This is a hack to remove conflicting metadata # NOTE: This is a hack to remove conflicting fields # https://github.com/CycloneDX/cyclonedx-python-lib/issues/578 raw_json = json.load(reader) raw_json["metadata"].pop("tools", None) raw_json["metadata"].pop("lifecycles", None) for component in raw_json.get("components", []): component.pop("evidence", None) raw_json.pop("annotations", None) raw_json.pop("formulation", None) bom = Bom.from_json(raw_json) # Restore original method
.gitignore +1 −0 @@ -125,6 +125,7 @@ celerybeat.pid # Environments .env .env* .venv env/ venv/
pyproject.toml +1 −1 @@ -17,7 +17,7 @@ sbom-scanner = "sbom_scanner.scan:run" [tool.poetry.dependencies] python = "^3.11" requests = "^2.32.2" cyclonedx-python-lib = "^7.4.0" cyclonedx-python-lib = "^8.5.0" [tool.poetry.group.dev.dependencies] # new development dependencies can be added with 'poetry add -D yyy'
sbom_scanner/sbom_utils.py +8 −7 @@ -30,16 +30,17 @@ def load_bom(file: Path) -> Bom: try: with catch_warnings(record=True) as warnings: if file.suffix == ".xml": with open(file) as reader: if file.suffix == ".xml": bom = Bom.from_xml(reader) else: with open(file) as reader: # NOTE: This is a hack to remove conflicting metadata # NOTE: This is a hack to remove conflicting fields # https://github.com/CycloneDX/cyclonedx-python-lib/issues/578 raw_json = json.load(reader) raw_json["metadata"].pop("tools", None) raw_json["metadata"].pop("lifecycles", None) for component in raw_json.get("components", []): component.pop("evidence", None) raw_json.pop("annotations", None) raw_json.pop("formulation", None) bom = Bom.from_json(raw_json) # Restore original method
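Review bot: The evidence stripping in the JSON branch of load_bom only walks the top-level `components` array, so a CycloneDX document that nests components under a component's own `components` list, or carries `evidence` on `metadata.component`, would presumably still reach `Bom.from_json` with the field this workaround is meant to remove. `raw_json["metadata"]` is also indexed directly while the new loop uses `.get`, so a BOM without a `metadata` object raises KeyError at that line; whether the surrounding `try` handles it is not visible, because load_bom starts and ends outside the hunk. Since these files are scanner input, I would strip recursively and treat the optional keys uniformly, as sketched below. The NOTE comment should also say that evidence, annotations and formulation are discarded before parsing, so readers know the resulting Bom does not reflect the full input.

```python
def _strip_evidence(component: dict) -> None:
    # Remove "evidence" from this component and from every nested one.
    component.pop("evidence", None)
    for child in component.get("components", []):
        _strip_evidence(child)

# … unchanged: open(file), XML branch, json.load(reader) …
metadata = raw_json.get("metadata", {})
metadata.pop("tools", None)
if isinstance(metadata.get("component"), dict):
    _strip_evidence(metadata["component"])
for component in raw_json.get("components", []):
    _strip_evidence(component)
# … unchanged: annotations / formulation pops, Bom.from_json(raw_json) …
```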