Klasse Component

java.lang.Object
org.apache.tools.ant.ProjectComponent
org.apache.tools.ant.types.DataType
org.apache.ant.cyclonedx.Component
Alle implementierten Schnittstellen:
Cloneable
public class Component extends org.apache.tools.ant.types.DataType
The central concept of an SBOM which describes components and their dependencies.

The CycloneDX specification supports more information for a component than this type currently exposes.

This class is a type exposed by this Ant Library. When using the inherited refid attribute it can reference an instance defined previously - in which case no child elements or other attributes are allowed.

  • Verschachtelte Klassen - Übersicht

    Verschachtelte Klassen
    Modifikator und Typ
    Klasse
    Beschreibung
    static class 
    Component.Dependency
    Represents a dependency of a component.
    static class 
    Component.Tag
    Represents a tag.

  • Feldübersicht

    Von Klasse geerbte Felder org.apache.tools.ant.types.DataType

    checked, ref

    Von Klasse geerbte Felder org.apache.tools.ant.ProjectComponent

    location, project

  • Konstruktorübersicht

    Konstruktoren
    Konstruktor
    Beschreibung
    Component()
     

  • Methodenübersicht

    Modifikator und Typ
    Methode
    Beschreibung
    void
    add(org.apache.tools.ant.types.Resource resource)
    Sets the resource the component is about.
    void
    addAuthor(org.cyclonedx.model.OrganizationalContact author)
    Adds an author to the component.
    void
    addComponent(Component c)
    Adds a nested component.
    void
    addConfiguredExternalReference(ExternalReference ref)
    Adds an external reference to the component.
    void
    addConfiguredExternalReferenceSet(ExternalReferenceSet set)
    Adds a set of external references to the component.
    void
    addConfiguredLicense(License l)
    Adds a license to this component.
    void
    addConfiguredTag(Component.Tag tag)
    Adds a tag to the component.
    void
    addDependency(Component.Dependency d)
    Adds a dependency to this component.
    protected void
    addHashes(org.cyclonedx.model.Component component, org.cyclonedx.Version bomVersion)
    If this component has a nested resource child, all hashes supported by the CycloneDX Core library for the spec version are created and added to the given component.
    void
    addManufacturer(Organization manufacturer)
    Sets the manufacturer of the component.
    void
    addProperty(org.cyclonedx.model.Property property)
    Adds a property to the component.
    void
    addSupplier(Organization supplier)
    Sets the supplier of the component.
    boolean
    areDependenciesUnknown()
    Whether dependencies are unknoown.
    static Component
    createFileComponent(org.apache.tools.ant.Project project, org.apache.tools.ant.types.Resource r)
    Creates a new "file" type component for a resource.
    org.apache.tools.ant.types.resources.Union
    createSbomLink()
    Container for SBOM link resource.
    protected void
    dieOnCircularReference(Stack<Object> stk, org.apache.tools.ant.Project p)
     
    String
    getBomRef()
    Gets the bom-ref of the component.
    Iterable<Component.Dependency>
    getDependencies()
    Gets the dependencies of the component.
    String
    getGroup()
    Gets the group of the component.
    String
    getName()
    Gets the name of the component.
    List<Component>
    getNestedComponents()
    Recursively returns the nested components of this component.
    String
    getPurl()
    Gets the Package-URL (purl) of the component.
    protected Component
    getRef()
    Perform the check for circular references and return the referenced Component.
    Collection<Component>
    resolve()
    Read the linked SBOM (if any) and merge its content with the one already defined for this component.
    void
    setBomRef(String bomRef)
    Sets the bom-ref of the component.
    void
    setCopyright(String copyright)
    Sets the copyright of the component.
    void
    setDescription(String description)
    Sets the decription of the component.
    void
    setGroup(String group)
    Sets the group of the component.
    void
    setIsExternal(boolean isExternal)
    Sets whether the component is external.
    void
    setMimeType(String mimeType)
    Sets the mime-type of the component.
    void
    setName(String name)
    Sets the name of the component.
    void
    setPublisher(String publisher)
    Sets the publisher of the component.
    void
    setPurl(String purl)
    Sets the Package-URL (purl) of the component.
    void
    setScope(ComponentScope scope)
    Sets the scope of this component.
    void
    setSupplierIsManufacturer(boolean supplierIsManufacturer)
    If set to true the supplier will also be used to provide the manufacturer information.
    void
    setType(ComponentType type)
    Sets the type of the component.
    void
    setUnknownDependencies(boolean unknownDependencies)
    Sets whether the dependencies of this component are unknown.
    void
    setVersion(String version)
    Sets the version of the component.
    org.cyclonedx.model.Component
    toAdditionalCycloneDxComponent(org.cyclonedx.Version bomVersion)
    Translates this component to a CycloneDX component suitable for the components.component.
    protected org.cyclonedx.model.Component
    toCycloneDxComponent(org.cyclonedx.Version bomVersion)
    Maps all common data except for scope and isExternal.
    org.cyclonedx.model.Component
    toMainCycloneDxComponent(org.cyclonedx.Version bomVersion)
    Translates this component to a CycloneDX component suitable for the metadata.component.

    Von Klasse geerbte Methoden org.apache.tools.ant.types.DataType

    checkAttributesAllowed, checkChildrenAllowed, circularReference, clone, dieOnCircularReference, dieOnCircularReference, getCheckedRef, getCheckedRef, getCheckedRef, getCheckedRef, getCheckedRef, getDataTypeName, getRefid, invokeCircularReferenceCheck, isChecked, isReference, noChildrenAllowed, pushAndInvokeCircularReferenceCheck, setChecked, setRefid, tooManyAttributes, toString

    Von Klasse geerbte Methoden org.apache.tools.ant.ProjectComponent

    getDescription, getLocation, getProject, log, log, setLocation, setProject

    Von Klasse geerbte Methoden Object

    equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

  • Konstruktordetails

    • Component

      public Component()

  • Methodendetails

    • add

      public void add(org.apache.tools.ant.types.Resource resource)
      Sets the resource the component is about.

      At most one resource can be set. Without a nested resource the component will not have any "hashes" when written to the SBOM.

      Parameter:
      resource - the resource holding the component's content

    • setType

      public void setType(ComponentType type)
      Sets the type of the component.

      Defaults to "library".

      Parameter:
      type - component type

    • setName

      public void setName(String name)
      Sets the name of the component.
      Parameter:
      name - component name

    • setGroup

      public void setGroup(String group)
      Sets the group of the component.
      Parameter:
      group - component group

    • setVersion

      public void setVersion(String version)
      Sets the version of the component.
      Parameter:
      version - component version

    • setPurl

      public void setPurl(String purl)
      Sets the Package-URL (purl) of the component.
      Parameter:
      purl - component Package URL

    • setBomRef

      public void setBomRef(String bomRef)
      Sets the bom-ref of the component.
      Parameter:
      bomRef - component bom-ref

    • setDescription

      public void setDescription(String description)
      Sets the decription of the component.
      Setzt außer Kraft:
      setDescription in Klasse org.apache.tools.ant.ProjectComponent
      Parameter:
      description - component description

    • setPublisher

      public void setPublisher(String publisher)
      Sets the publisher of the component.
      Parameter:
      publisher - component publisher

    • setCopyright

      public void setCopyright(String copyright)
      Sets the copyright of the component.
      Parameter:
      copyright - component copyright

    • setMimeType

      public void setMimeType(String mimeType)
      Sets the mime-type of the component.
      Parameter:
      mimeType - component mime-type

    • addManufacturer

      public void addManufacturer(Organization manufacturer)
      Sets the manufacturer of the component.

      At most one manufacturer can be set.

      Parameter:
      manufacturer - component manufacturer

    • addSupplier

      public void addSupplier(Organization supplier)
      Sets the supplier of the component.

      At most one supplier can be set.

      Parameter:
      supplier - compoment supplier

    • addAuthor

      public void addAuthor(org.cyclonedx.model.OrganizationalContact author)
      Adds an author to the component.
      Parameter:
      author - component author

    • addConfiguredTag

      public void addConfiguredTag(Component.Tag tag)
      Adds a tag to the component.
      Parameter:
      tag - component tag

    • addProperty

      public void addProperty(org.cyclonedx.model.Property property)
      Adds a property to the component.
      Parameter:
      property - component property

    • setSupplierIsManufacturer

      public void setSupplierIsManufacturer(boolean supplierIsManufacturer)
      If set to true the supplier will also be used to provide the manufacturer information.
      Parameter:
      supplierIsManufacturer - whether to use supplier as manufacturer as well

    • addConfiguredLicense

      public void addConfiguredLicense(License l)
      Adds a license to this component.
      Parameter:
      l - compoment license

    • addConfiguredExternalReference

      public void addConfiguredExternalReference(ExternalReference ref)
      Adds an external reference to the component.
      Parameter:
      ref - external reference of component

    • addConfiguredExternalReferenceSet

      public void addConfiguredExternalReferenceSet(ExternalReferenceSet set)
      Adds a set of external references to the component.
      Parameter:
      set - set of external references of component

    • setScope

      public void setScope(ComponentScope scope)
      Sets the scope of this component.

      Must not be set for the main component of the SBOM.

      Parameter:
      scope - component scope

    • setIsExternal

      public void setIsExternal(boolean isExternal)
      Sets whether the component is external.

      The CycloneDX Specification says: An external component is one that is not part of an assembly, but is expected to be provided by the environment, regardless of the component's scope.

      Must not be set to true for the main component of the SBOM.

      Right now this attribute has no effect until the CycloneDX core library supports the specification version 1.7.

      Parameter:
      isExternal - whether the component is external

    • addDependency

      public void addDependency(Component.Dependency d)
      Adds a dependency to this component.
      Parameter:
      d - component dependency

    • setUnknownDependencies

      public void setUnknownDependencies(boolean unknownDependencies)
      Sets whether the dependencies of this component are unknown.

      This flag is needed to be able to tell dependencies with unknown dependencies from components without any dependencies.

      Parameter:
      unknownDependencies - whether dependencies are unknown

    • addComponent

      public void addComponent(Component c)
      Adds a nested component.
      Parameter:
      c - nested component

    • createSbomLink

      public org.apache.tools.ant.types.resources.Union createSbomLink()
      Container for SBOM link resource.
      Gibt zurück:
      container for SBOM link resource

    • getName

      public String getName()
      Gets the name of the component.
      Gibt zurück:
      component name

    • getGroup

      public String getGroup()
      Gets the group of the component.
      Gibt zurück:
      component group

    • getPurl

      public String getPurl()
      Gets the Package-URL (purl) of the component.
      Gibt zurück:
      the value set with or a Maven purl derived from name, group and version if all three or set - or null otherwise.

    • getBomRef

      public String getBomRef()
      Gets the bom-ref of the component.
      Gibt zurück:
      the value set with or the result of .

    • getDependencies

      public Iterable<Component.Dependency> getDependencies()
      Gets the dependencies of the component.
      Gibt zurück:
      component's dependencies

    • areDependenciesUnknown

      public boolean areDependenciesUnknown()
      Whether dependencies are unknoown.
      Gibt zurück:
      the value set with setUnknownDependencies(boolean) or false.

    • getNestedComponents

      public List<Component> getNestedComponents()
      Recursively returns the nested components of this component.
      Gibt zurück:
      nested components of this component

    • resolve

      public Collection<Component> resolve() throws IOException
      Read the linked SBOM (if any) and merge its content with the one already defined for this component.
      Gibt zurück:
      the "addtional" components defined in the linked SBOM that are dependencies of this component.
      Löst aus:
      IOException - if reading the SBOM links fails

    • createFileComponent

      public static Component createFileComponent(org.apache.tools.ant.Project project, org.apache.tools.ant.types.Resource r)
      Creates a new "file" type component for a resource.
      Parameter:
      project - project to use when resolving paths
      r - the resource holding the file
      Gibt zurück:
      the component

    • toMainCycloneDxComponent

      public org.cyclonedx.model.Component toMainCycloneDxComponent(org.cyclonedx.Version bomVersion) throws IOException
      Translates this component to a CycloneDX component suitable for the metadata.component.
      Parameter:
      bomVersion - specification version
      Gibt zurück:
      mapped component
      Löst aus:
      IOException - if calculating component hashes fails

    • toAdditionalCycloneDxComponent

      public org.cyclonedx.model.Component toAdditionalCycloneDxComponent(org.cyclonedx.Version bomVersion) throws IOException
      Translates this component to a CycloneDX component suitable for the components.component.
      Parameter:
      bomVersion - specification version
      Gibt zurück:
      mapped component
      Löst aus:
      IOException - if calculating component hashes fails

    • toCycloneDxComponent

      protected org.cyclonedx.model.Component toCycloneDxComponent(org.cyclonedx.Version bomVersion) throws IOException
      Maps all common data except for scope and isExternal.
      Parameter:
      bomVersion - specification version
      Gibt zurück:
      mapped component
      Löst aus:
      IOException - if calculating component hashes fails

    • addHashes

      protected void addHashes(org.cyclonedx.model.Component component, org.cyclonedx.Version bomVersion) throws IOException
      If this component has a nested resource child, all hashes supported by the CycloneDX Core library for the spec version are created and added to the given component.
      Parameter:
      component - component to add hashes to
      bomVersion - specification version
      Löst aus:
      IOException - if calculating component hashes fails

    • getRef

      protected Component getRef()
      Perform the check for circular references and return the referenced Component.
      Gibt zurück:
      Component.

    • dieOnCircularReference

      protected void dieOnCircularReference(Stack<Object> stk, org.apache.tools.ant.Project p) throws org.apache.tools.ant.BuildException
      Setzt außer Kraft:
      dieOnCircularReference in Klasse org.apache.tools.ant.types.DataType
      Löst aus:
      org.apache.tools.ant.BuildException