mr-zepol
commented
5 months ago Instead of using files we already serialized with this library as baseline, I'd suggest we keep the original files (taken from CycloneDX/specification), and use a snapshot testing library instead.
It requires an initial manual effort to compare the original with what we generate (there will be subtle differences that are fine, e.g. timestamp format). But it has the benefit that we have better "evidence" for how our output differs from the canonical format.
Upon initial research, this might be of interest: https://github.com/origin-energy/java-snapshot-testing
Thoughts?
Like the idea, I can look into it, so I will close this PR and will raise a new one with the changes for normal improvements and add the other stuff to my list
This is one of the PRs to improve testing, this has some small fixes, the idea of those changes is to parse the file ( from XML and JSON) and serialize them back to the same type file and compare that they are the same, this helps to check that new changes don't break anything new and that the serialization/deserialization is working as expected.
The tests will be added in a coming PR