feat: add support for Service.trustZone#980
Open
VanL wants to merge 2 commits into
Open
Conversation
Adds the optional `trust_zone` field to `Service`, available in CycloneDX v1.5 and later. Serializes as `trustZone` in JSON and `<trustZone>` in XML for schemas 1.5, 1.6, and 1.7; omitted for earlier versions. Implements part of issue CycloneDX#578. Signed-off-by: VanL <van@ospo.co>
Up to standards ✅🟢 Issues
|
| Metric | Results |
|---|---|
| Complexity | 0 |
| Duplication | 0 |
NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.
Documentation build overview
|
Signed-off-by: VanL <van@ospo.co>
16 tasks
There was a problem hiding this comment.
Pull request overview
Adds CycloneDX v1.5+ support for Service.trustZone (Python attribute trust_zone) in the Service model, ensuring it serializes/deserializes correctly and is omitted for earlier schema versions.
Changes:
- Added optional
trust_zone: Optional[str]tocyclonedx.model.service.Service, with schema-version-gated serialization (v1.5+ only) and XML normalized-string handling. - Added/updated JSON and XML output validation tests to confirm presence/absence by schema version and schema rejection for pre-1.5 documents.
- Updated deserialization tests and snapshot fixtures/models to include
trustZonefor v1.5–v1.7 outputs.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| cyclonedx/model/service.py | Introduces trust_zone property with v1.5+ serialization views and normalized XML string handling; updates equality/hash tuple. |
| tests/test_output_xml.py | Adds XML output tests for trustZone across schema versions, including normalization and pre-1.5 rejection validation. |
| tests/test_output_json.py | Adds JSON output tests for trustZone across schema versions and pre-1.5 rejection validation. |
| tests/test_model_service.py | Adds model-level tests for default/setter behavior and equality/sorted-set membership impact. |
| tests/test_deserialize_xml.py | Adds XML deserialization test for trustZone (v1.7). |
| tests/test_deserialize_json.py | Adds JSON deserialization test and JSON→XML roundtrip test preserving trust_zone. |
| tests/_data/models.py | Updates complex services fixture to set trust_zone so snapshots include the new field where applicable. |
| tests/_data/snapshots/get_bom_with_services_complex-1.5.xml.bin | Snapshot updated to include <trustZone> for schema v1.5. |
| tests/_data/snapshots/get_bom_with_services_complex-1.5.json.bin | Snapshot updated to include trustZone for schema v1.5. |
| tests/_data/snapshots/get_bom_with_services_complex-1.6.xml.bin | Snapshot updated to include <trustZone> for schema v1.6. |
| tests/_data/snapshots/get_bom_with_services_complex-1.6.json.bin | Snapshot updated to include trustZone for schema v1.6. |
| tests/_data/snapshots/get_bom_with_services_complex-1.7.xml.bin | Snapshot updated to include <trustZone> for schema v1.7. |
| tests/_data/snapshots/get_bom_with_services_complex-1.7.json.bin | Snapshot updated to include trustZone for schema v1.7. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds the optional
trust_zonefield toService, available in CycloneDX v1.5 and later. Serializes astrustZonein JSON and<trustZone>in XML for schemas 1.5, 1.6, and 1.7; omitted for earlier versions.Implements part of issue #578.
Description
Adds the optional
trust_zonefield toService, available inCycloneDX v1.5 and later. Serializes as
trustZonein JSON and<trustZone>in XML for schemas 1.5/1.6/1.7; omitted for earlierversions.
Resolves a part of: #578
AI Tool Disclosure
drafted an implementation plan, and implemented per the CycloneDX 1.5+
service.trustZoneschema. Implemented multiple agent adversarial review.Affirmation