CycloneDX / sbom-utility

Utility that provides an API platform for validating, querying and managing BOM data

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Explore using custom struct tags for CycloneDX property versioning

mrutkows opened this issue · comments

If we want to have special processing for JSON encoding/decoding (e.g., marshal/unmarshal) it would be helpful to enable this via custom struct tags.

For example:

// v1.3 added "compositions"
Compositions []CDXCompositions `json:"compositions,omitempty" cdx:"v1.3"`
// v1.4 added "vulnerabilities", "signature"
Vulnerabilities []CDXVulnerability `json:"vulnerabilities,omitempty" cdx:"v1.4"`

Note: this COULD be used as a crude means to add SVCS (data) tags (although they are longish URIs)