File Coverage

blib/lib/SBOM/CycloneDX/Schema.pm

Criterion	Covered	Total	%
statement	49	49	100.0
branch	2	2	100.0
condition	1	2	50.0
subroutine	16	16	100.0
pod	4	4	100.0
total	72	73	98.6

line	stmt	bran	cond	sub	pod	time	code
1							package SBOM::CycloneDX::Schema;
2
3	16			16		323	use 5.010001;
	16					66
4	16			16		100	use strict;
	16					37
	16					511
5	16			16		80	use warnings;
	16					34
	16					949
6	16			16		96	use utf8;
	16					32
	16					109
7
8	16			16		825	use Exporter qw(import);
	16					92
	16					1226
9
10							our @EXPORT = qw(
11							schema_dir
12							schema_file
13							);
14
15	16			16		9231	use SBOM::CycloneDX;
	16					85
	16					1089
16
17	16			16		526	use File::Basename qw(dirname);
	16					68
	16					1507
18	16			16		1825	use File::Spec::Functions qw(catfile);
	16					2748
	16					1064
19	16			16		10700	use JSON::Validator;
	16					9794461
	16					136
20
21	16			16		986	use Types::Standard qw(HashRef InstanceOf);
	16					43
	16					361
22
23	16			16		54084	use Moo;
	16					44
	16					183
24
25	16		50	16		7922	use constant DEBUG => $ENV{SBOM_DEBUG} \|\| 0;
	16					67
	16					8082
26
27							our @JSON_SCHEMA_REGISTRY = (
28							'bom-1.2-strict.schema.json', 'bom-1.2.schema.json', 'bom-1.3-strict.schema.json', 'bom-1.3.schema.json',
29							'bom-1.4.schema.json', 'bom-1.5.schema.json', 'bom-1.6.schema.json', 'bom-1.7.schema.json',
30							'jsf-0.82.schema.json', 'spdx.schema.json', 'cryptography-defs.schema.json'
31							);
32
33							has bom => (is => 'ro', isa => InstanceOf ['SBOM::CycloneDX'] \| HashRef, required => 1);
34
35	4383			4383	1	282812	sub schema_dir { catfile(dirname(__FILE__), 'schema') }
36	4383			4383	1	44576	sub schema_file { catfile(schema_dir, shift) }
37
38							sub validator {
39
40	397			397	1	1258	my ($self) = @_;
41
42	397					5922	my $jv = JSON::Validator->new;
43
44	397					8464	foreach my $json_schema_file (@JSON_SCHEMA_REGISTRY) {
45	4367					13094856	DEBUG and say sprintf('-- Preload JSON Schema file %s', $json_schema_file);
46	4367					18989	$jv->store->load(schema_file($json_schema_file));
47							}
48
49	397	100				714662	my $spec_version = (ref $self->bom eq 'HASH') ? $self->bom->{specVersion} : $self->bom->spec_version;
50	397					3000	my $cyclonedx_json_schema = $SBOM::CycloneDX::JSON_SCHEMA{$spec_version};
51
52	397					1028	DEBUG and say sprintf('-- Use %s JSON schema for validation', $cyclonedx_json_schema);
53
54	397					2992	$jv->schema($cyclonedx_json_schema)->schema->coerce('bool,num');
55
56	397					128771454	return $jv;
57
58							}
59
60							sub validate {
61	397			397	1	73942	my ($self) = @_;
62	397					2277	return $self->validator->validate($self->bom);
63							}
64
65
66							1;
67
68							=encoding utf-8
69
70							=head1 NAME
71
72							SBOM::CycloneDX::Schema - JSON Schema Validator
73
74							=head1 SYNOPSIS
75
76							use SBOM::CycloneDX::Schema;
77
78							my $validator = SBOM::CycloneDX::Schema->new(bom => sbom);
79
80							my @errors = $validator->validate;
81
82							say $_ for @errors;
83
84
85							=head1 DESCRIPTION
86
87							Validate CycloneDX objects using JSON Schema.
88
89							=head2 METHODS
90
91							=over
92
93							=item SBOM::CycloneDX::Schema->new(object => $object)
94
95							=item $schema->bom
96
97							L instance or HASH.
98
99							=item $schema->validator
100
101							Return L object.
102
103							=item $schema->validate
104
105							Validate and return the L errors.
106
107							=back
108
109							=head2 FUNCTIONS
110
111							=over
112
113							=item schema_dir
114
115							Return the CycloneDX schema path.
116
117							=item schema_file ($json_schema_file)
118
119							Return the CycloneDX schema file path.
120
121							schema_file('bom-1.6.schema.json'); # ../SBOM/CycloneDX/schema/bom-1.6.schema.json
122
123							=back
124
125							=head1 SUPPORT
126
127							=head2 Bugs / Feature Requests
128
129							Please report any bugs or feature requests through the issue tracker
130							at L.
131							You will be notified automatically of any progress on your issue.
132
133							=head2 Source Code
134
135							This is open source software. The code repository is available for
136							public review and contribution under the terms of the license.
137
138							L
139
140							git clone https://github.com/giterlizzi/perl-SBOM-CycloneDX.git
141
142
143							=head1 AUTHOR
144
145							=over 4
146
147							=item * Giuseppe Di Terlizzi
148
149							=back
150
151
152							=head1 LICENSE AND COPYRIGHT
153
154							This software is copyright (c) 2025-2026 by Giuseppe Di Terlizzi.
155
156							This is free software; you can redistribute it and/or modify it under
157							the same terms as the Perl 5 programming language system itself.
158
159							=cut