CycloneDX / cyclonedx-core-java

CycloneDX SBOM Model and Utils for Creating and Validating BOMs
https://cyclonedx.org/
Apache License 2.0
81 stars 59 forks

ToolInformation - Equals, HashCode, and multi-tool parsing fixes w/tests #396

Open gdgib-roche opened 5 months ago

gdgib-roche commented 5 months ago
  1. The new ToolInformation class did not have equals & hashCode methods, which prevented equality checks during downstream unit testing
  2. The custom deserializer for ToolInformation did not correctly handle multiple components & services in XML format, due to the way Jackson nests the nodes

gdgib-roche commented 5 months ago

Just added a unit test for serialization along with fixes to that too. FWIW, the previous code was semi-symmetrical across serialization & deserialization; it just also didn't work or generate/parse the expected XML. My sympathy to whoever had to understand the Jackson internals enough to do this; I find them sometimes frustratingly complex, and I'm an expert on this kind of stuff.

gdgib-roche commented 5 months ago

Will look into the failing workflow next week.