Bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 (#15081)

* Bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 Bumps [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) from 0.6.0 to 0.7.0. - [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases) - [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml) - [Commits](CycloneDX/cyclonedx-go@v0.6.0...v0.7.0) --- updated-dependencies: - dependency-name: github.com/CycloneDX/cyclonedx-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Adapt conversion functions to CycloneDX/cyclonedx-go 0.7.0 Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lénaïc Huard <[email protected]>
DataDog · Jan 18, 2023 · 60a9bd5 · 60a9bd5
1 parent 8d3f55a
commit 60a9bd5
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 9 deletions.
diff --git a/go.mod b/go.mod
@@ -427,7 +427,7 @@ require (
 )
 
 require (
-	github.com/CycloneDX/cyclonedx-go v0.6.0
+	github.com/CycloneDX/cyclonedx-go v0.7.0
 	github.com/DataDog/go-libddwaf v0.0.0-20221118110754-0372d7c76b8a
 	github.com/go-redis/redis/v9 v9.0.0-rc.2
 	github.com/safchain/baloum v0.0.0-20221229104256-b1fc8f70a86b

diff --git a/go.sum b/go.sum
diff --git a/pkg/collector/corechecks/sbom/convert.go b/pkg/collector/corechecks/sbom/convert.go
@@ -55,7 +55,8 @@ type inArrayElement interface {
 		cyclonedx.Tool |
 		cyclonedx.Vulnerability |
 		cyclonedx.VulnerabilityRating |
-		cyclonedx.VulnerabilityReference
+		cyclonedx.VulnerabilityReference |
+		string
 }
 
 type outArrayElement interface {
@@ -125,7 +126,7 @@ func convertBOM(in *cyclonedx.BOM) *cyclonedx_v1_4.Bom {
 	}
 
 	return &cyclonedx_v1_4.Bom{
-		SpecVersion:        in.SpecVersion,
+		SpecVersion:        in.SpecVersion.String(),
 		Version:            pointer.Int32Ptr(int32(in.Version)),
 		SerialNumber:       stringPtr(in.SerialNumber),
 		Metadata:           convertMetadata(in.Metadata),
@@ -295,7 +296,17 @@ func convertDependency(in *cyclonedx.Dependency) *cyclonedx_v1_4.Dependency {
 
 	return &cyclonedx_v1_4.Dependency{
 		Ref:          in.Ref,
-		Dependencies: convertArray(in.Dependencies, convertDependency),
+		Dependencies: convertArray(in.Dependencies, convertDependencyString),
+	}
+}
+
+func convertDependencyString(in *string) *cyclonedx_v1_4.Dependency {
+	if in == nil {
+		return nil
+	}
+
+	return &cyclonedx_v1_4.Dependency{
+		Ref: *in,
 	}
 }
 

diff --git a/pkg/collector/corechecks/sbom/processor_test.go b/pkg/collector/corechecks/sbom/processor_test.go
@@ -36,7 +36,7 @@ func TestProcessEvents(t *testing.T) {
 							ID:   strconv.Itoa(i),
 						},
 						CycloneDXBOM: &cyclonedx.BOM{
-							SpecVersion: "1.4",
+							SpecVersion: cyclonedx.SpecVersion1_4,
 							Version:     42,
 							Components: &[]cyclonedx.Component{
 								{