File Coverage

blib/lib/SBOM/CycloneDX/Lite.pm

Criterion	Covered	Total	%
statement	18	45	40.0
branch	0	6	0.0
condition			n/a
subroutine	6	27	22.2
pod	21	21	100.0
total	45	99	45.4

line	stmt	bran	sub	pod	time	code
1						package SBOM::CycloneDX::Lite;
2
3	1		1		3658	use 5.010001;
	1				3
4	1		1		5	use strict;
	1				3
	1				18
5	1		1		4	use warnings;
	1				2
	1				75
6	1		1		4	use utf8;
	1				2
	1				9
7
8	1		1		40	use Exporter ();
	1				2
	1				812
9
10						require SBOM::CycloneDX;
11						require SBOM::CycloneDX::Component;
12						require SBOM::CycloneDX::ExternalReference;
13						require SBOM::CycloneDX::Hash;
14						require SBOM::CycloneDX::License;
15						require SBOM::CycloneDX::OrganizationalContact;
16						require SBOM::CycloneDX::OrganizationalEntity;
17						require SBOM::CycloneDX::Property;
18
19
20						our @EXPORT_OK = qw(
21						bom
22						component
23						contact
24						external_reference
25						hash
26						license
27						organization
28						property
29
30						application_component
31						container_component
32						cryptographic_asset_component
33						data_component
34						device_component
35						device_driver_component
36						file_component
37						firmware_component
38						framework_component
39						library_component
40						machine_learning_model_component
41						operating_system_component
42						platform_component
43						);
44
45						our %EXPORT_TAGS = (all => \@EXPORT_OK);
46
47						my $LATEST_SPEC_VERSION = (
48						sort {
49						my ($am, $an) = split /\./, $a, 2;
50						my ($bm, $bn) = split /\./, $b, 2;
51						$am <=> $bm \|\| $an <=> $bn
52						} keys %SBOM::CycloneDX::JSON_SCHEMA
53						)[-1];
54
55						our $DEFAULT_SPEC_VERSION = $LATEST_SPEC_VERSION;
56
57						sub import {
58
59	1		1		38	my $class = shift;
60
61	1				5	foreach (@_) {
62	0	0			0	if ($_ =~ /^\:v(1_\d)$/) {
63	0				0	$DEFAULT_SPEC_VERSION = $1;
64	0				0	$DEFAULT_SPEC_VERSION =~ tr/_/./;
65						}
66	0	0			0	if ($_ eq ':latest') {
67	0				0	$DEFAULT_SPEC_VERSION = $LATEST_SPEC_VERSION;
68						}
69						}
70
71	1				3	local $Exporter::ExportLevel = 1;
72	1	0			73	Exporter::import($class, grep { $_ !~ /^:v1_/ && $_ ne ':latest' } @_);
	0
73
74						}
75
76	0		0	1		sub bom { SBOM::CycloneDX->new(spec_version => $DEFAULT_SPEC_VERSION, @_) }
77	0		0	1		sub component { SBOM::CycloneDX::Component->new(@_) }
78	0		0	1		sub contact { SBOM::CycloneDX::OrganizationalContact->new(@_) }
79	0		0	1		sub external_reference { SBOM::CycloneDX::ExternalReference->new(@_) }
80	0		0	1		sub hash { SBOM::CycloneDX::Hash->new(@_) }
81	0		0	1		sub license { SBOM::CycloneDX::License->new(@_) }
82	0		0	1		sub organization { SBOM::CycloneDX::OrganizationalEntity->new(@_) }
83	0		0	1		sub property { SBOM::CycloneDX::Property->new(@_) }
84
85	0		0	1		sub application_component { component(type => 'application', @_) }
86	0		0	1		sub container_component { component(type => 'container', @_) }
87	0		0	1		sub cryptographic_asset_component { component(type => 'cryptographic-asset', @_) }
88	0		0	1		sub data_component { component(type => 'data', @_) }
89	0		0	1		sub device_component { component(type => 'device', @_) }
90	0		0	1		sub device_driver_component { component(type => 'device-driver', @_) }
91	0		0	1		sub file_component { component(type => 'file', @_) }
92	0		0	1		sub firmware_component { component(type => 'firmware', @_) }
93	0		0	1		sub framework_component { component(type => 'framework', @_) }
94	0		0	1		sub library_component { component(type => 'library', @_) }
95	0		0	1		sub machine_learning_model_component { component(type => 'machine-learning-model', @_) }
96	0		0	1		sub operating_system_component { component(type => 'operating-system', @_) }
97	0		0	1		sub platform_component { component(type => 'platform', @_) }
98
99						1;
100
101						=encoding utf-8
102
103						=head1 NAME
104
105						SBOM::CycloneDX::Lite - Simple accessors and helpers for SBOM::CycloneDX
106
107						=head1 SYNOPSIS
108
109						use SBOM::CycloneDX::Lite qw(:v1_7 :all);
110
111						my $bom = bom;
112
113						my $root_component = application_component(
114						name => 'MyApp',
115						licenses => [license('Artistic-2.0')],
116						bom_ref => 'MyApp'
117						);
118
119						my $metadata = $bom->metadata;
120
121						$metadata->tools->add(cyclonedx_tool);
122
123						$metadata->component($root_component);
124
125						my $component1 = library_component(
126						name => 'some-component',
127						group => 'acme',
128						version => '1.33.7-beta.1',
129						licenses => [license(name => '(c) 2021 Acme inc.')],
130						bom_ref => 'myComponent@1.33.7-beta.1',
131						purl => URI::PackageURL->new(
132						type => 'generic',
133						namespace => 'acme',
134						name => 'some-component',
135						version => '1.33.7-beta.1'
136						),
137						);
138
139						$bom->components->add($component1);
140						$bom->add_dependency($root_component, [$component1]);
141
142						my $component2 = library_component(
143						name => 'some-library',
144						licenses => [license('GPL-3.0-only WITH Classpath-exception-2.0')],
145						bom_ref => 'some-lib',
146						);
147
148						$bom->components->add($component2);
149						$bom->add_dependency($root_component, [$component2]);
150
151						my @errors = $bom->validate;
152
153						if (@errors) {
154						say $_ for (@errors);
155						Carp::croak 'Validation error';
156						}
157
158						say $bom->to_string;
159
160
161
162						=head1 DESCRIPTION
163
164						L is an EXPERIMENTAL lightweight layer built on top of
165						L to quickly create CycloneDX BOM files.
166
167						It focuses on the most commonly used BOM fields and provides a simple,
168						low-boilerplate interface. It accepts friendly input and normalizes it into
169						canonical CycloneDX structures.
170
171						=head2 EXPORTED TAGS
172
173						=over
174
175						=item C<:latest>
176
177						Select the latest CycloneDX schema version supported by L
178						distribution.
179
180						=item C<:v1_7>
181
182						Select the CycloneDX v1.7 schema version.
183
184						=item C<:v1_6>
185
186						Select the CycloneDX v1.6 schema version.
187
188						=item C<:v1_5>
189
190						Select the CycloneDX v1.5 schema version.
191
192						=item C<:v1_4>
193
194						Select the CycloneDX v1.4 schema version.
195
196						=item C<:v1_3>
197
198						Select the CycloneDX v1.3 schema version.
199
200						=item C<:v1_2>
201
202						Select the CycloneDX v1.2 schema version.
203
204						=item C<:all>
205
206						Export all functions.
207
208						=back
209
210						=head2 EXPORTED FUNCTIONS
211
212						=head3 B
213
214						Return a L object.
215
216						=head3 B
217
218						Return a L object.
219
220						Component aliases:
221
222						=over
223
224						=item B
225
226						=item B
227
228						=item B
229
230						=item B
231
232						=item B
233
234						=item B
235
236						=item B
237
238						=item B
239
240						=item B
241
242						=item B
243
244						=item B
245
246						=item B
247
248						=item B
249
250						=back
251
252						=head3 B
253
254						Return a L object.
255
256						=head3 B
257
258						Return a L object.
259
260						=head3 B
261
262						Return a L object.
263
264						=head3 B
265
266						Return a L object.
267
268						=head3 B
269
270						Return a L object.
271
272						=head3 B
273
274						Return a L object.
275
276
277						=head1 SUPPORT
278
279						=head2 Bugs / Feature Requests
280
281						Please report any bugs or feature requests through the issue tracker
282						at L.
283						You will be notified automatically of any progress on your issue.
284
285						=head2 Source Code
286
287						This is open source software. The code repository is available for
288						public review and contribution under the terms of the license.
289
290						L
291
292						git clone https://github.com/giterlizzi/perl-SBOM-CycloneDX.git
293
294
295						=head1 AUTHOR
296
297						=over 4
298
299						=item * Giuseppe Di Terlizzi
300
301						=back
302
303
304						=head1 LICENSE AND COPYRIGHT
305
306						This software is copyright (c) 2025-2026 by Giuseppe Di Terlizzi.
307
308						This is free software; you can redistribute it and/or modify it under
309						the same terms as the Perl 5 programming language system itself.
310
311						=cut