test component.components normalizer/serializer tests

Signed-off-by: Jan Kowalleck <[email protected]>

Author: jkowalleck

HISTORY.md

@@ -5,10 +5,12 @@ All notable changes to this project will be documented in this file.
 ## unreleased
 
 * Added
+  * Implemented support for nested/bundled components via `bom.component.components`. (via [#136])
   * CycloneDX spec version 1.4 made element `bom.component.version` optional.  
     Therefore, serialization/normalization with this spec version will no longer render this element,
     when its value is empty. (via [#137])
 
+[#136]: https://github.com/CycloneDX/cyclonedx-javascript-library/pull/136
 [#137]: https://github.com/CycloneDX/cyclonedx-javascript-library/pull/137
 
 ## 1.0.3 - 2022-07-28

tests/_data/models.js

@@ -127,7 +127,7 @@ module.exports.createComplexStructure = function () {
     component.scope = Enums.ComponentScope.Required
     component.supplier = new Models.OrganizationalEntity({ name: 'Component Supplier' })
     component.supplier.url.add(new URL('https://localhost/componentSupplier-B'))
-    component.supplier.url.add(new URL('https://localhost/componentSupplier-A'))
+    component.supplier.url.add('https://localhost/componentSupplier-A')
     component.supplier.contact.add(new Models.OrganizationalContact({ name: 'The quick brown fox' }))
     component.supplier.contact.add((function (contact) {
       contact.name = 'Franz'
@@ -149,17 +149,37 @@ module.exports.createComplexStructure = function () {
     return component
   })(new Models.Component(Enums.ComponentType.Library, 'dummy-component', { version: '1337-beta' })))
 
-  bom.components.add(function (component) {
+  bom.components.add((function (component) {
     // interlink everywhere
     bom.metadata.component.dependencies.add(component.bomRef)
     bom.components.forEach(c => c.dependencies.add(component.bomRef))
     return component
-  }(new Models.Component(Enums.ComponentType.Library, 'a-component', {
+  })(new Models.Component(Enums.ComponentType.Library, 'a-component', {
     bomRef: 'a-component',
     dependencies: new Models.BomRefRepository([
       new Models.BomRef('unknown foreign ref that should not be rendered')
     ])
   })))
 
+  bom.components.add((function (component) {
+    // scenario:
+    // * `subComponentA` is a bundled dependency, that itself depends on `subComponentB`.
+    // * `subComponentB` is a transitive bundled dependency.
+    const subComponentA = new Models.Component(Enums.ComponentType.Library, 'SubComponentA', {
+      bomRef: `${component.bomRef.value}#SubComponentA`
+    })
+    component.dependencies.add(subComponentA.bomRef)
+    component.components.add(subComponentA)
+    const subComponentB = new Models.Component(Enums.ComponentType.Library, 'SubComponentB', {
+      bomRef: `${component.bomRef.value}#SubComponentB`
+    })
+    subComponentA.dependencies.add(subComponentB.bomRef)
+    component.components.add(subComponentB)
+    return component
+  })(new Models.Component(
+    Enums.ComponentType.Framework, 'SomeFrameworkBundle', {
+      bomRef: 'SomeFrameworkBundle'
+    })))
+
   return bom
 }