File Coverage

blib/lib/SBOM/CycloneDX/Schema.pm

Criterion	Covered	Total	%
statement	49	49	100.0
branch	2	2	100.0
condition	1	2	50.0
subroutine	16	16	100.0
pod	4	4	100.0
total	72	73	98.6

line	stmt	bran	cond	sub	pod	time	code
1							package SBOM::CycloneDX::Schema;
2
3	16			16		324	use 5.010001;
	16					77
4	16			16		85	use strict;
	16					26
	16					371
5	16			16		65	use warnings;
	16					25
	16					801
6	16			16		83	use utf8;
	16					28
	16					108
7
8	16			16		698	use Exporter qw(import);
	16					67
	16					1018
9
10							our @EXPORT = qw(
11							schema_dir
12							schema_file
13							);
14
15	16			16		7718	use SBOM::CycloneDX;
	16					76
	16					891
16
17	16			16		1201	use File::Basename qw(dirname);
	16					45
	16					1435
18	16			16		2009	use File::Spec::Functions qw(catfile);
	16					3093
	16					1013
19	16			16		10294	use JSON::Validator;
	16					9794790
	16					135
20
21	16			16		996	use Types::Standard qw(HashRef InstanceOf);
	16					39
	16					357
22
23	16			16		52192	use Moo;
	16					39
	16					198
24
25	16		50	16		7743	use constant DEBUG => $ENV{SBOM_DEBUG} \|\| 0;
	16					43
	16					7646
26
27							our @JSON_SCHEMA_REGISTRY = (
28							'bom-1.2-strict.schema.json', 'bom-1.2.schema.json', 'bom-1.3-strict.schema.json', 'bom-1.3.schema.json',
29							'bom-1.4.schema.json', 'bom-1.5.schema.json', 'bom-1.6.schema.json', 'bom-1.7.schema.json',
30							'jsf-0.82.schema.json', 'spdx.schema.json', 'cryptography-defs.schema.json'
31							);
32
33							has bom => (is => 'ro', isa => InstanceOf ['SBOM::CycloneDX'] \| HashRef, required => 1);
34
35	4383			4383	1	259724	sub schema_dir { catfile(dirname(__FILE__), 'schema') }
36	4383			4383	1	52286	sub schema_file { catfile(schema_dir, shift) }
37
38							sub validator {
39
40	397			397	1	1051	my ($self) = @_;
41
42	397					4708	my $jv = JSON::Validator->new;
43
44	397					9065	foreach my $json_schema_file (@JSON_SCHEMA_REGISTRY) {
45	4367					12113129	DEBUG and say sprintf('-- Preload JSON Schema file %s', $json_schema_file);
46	4367					21797	$jv->store->load(schema_file($json_schema_file));
47							}
48
49	397	100				672135	my $spec_version = (ref $self->bom eq 'HASH') ? $self->bom->{specVersion} : $self->bom->spec_version;
50	397					2380	my $cyclonedx_json_schema = $SBOM::CycloneDX::JSON_SCHEMA{$spec_version};
51
52	397					954	DEBUG and say sprintf('-- Use %s JSON schema for validation', $cyclonedx_json_schema);
53
54	397					2453	$jv->schema($cyclonedx_json_schema)->schema->coerce('bool,num');
55
56	397					123312845	return $jv;
57
58							}
59
60							sub validate {
61	397			397	1	70404	my ($self) = @_;
62	397					1974	return $self->validator->validate($self->bom);
63							}
64
65
66							1;
67
68							=encoding utf-8
69
70							=head1 NAME
71
72							SBOM::CycloneDX::Schema - JSON Schema Validator
73
74							=head1 SYNOPSIS
75
76							use SBOM::CycloneDX::Schema;
77
78							my $validator = SBOM::CycloneDX::Schema->new(bom => sbom);
79
80							my @errors = $validator->validate;
81
82							say $_ for @errors;
83
84
85							=head1 DESCRIPTION
86
87							Validate CycloneDX objects using JSON Schema.
88
89							=head2 METHODS
90
91							=over
92
93							=item SBOM::CycloneDX::Schema->new(object => $object)
94
95							=item $schema->bom
96
97							L instance or HASH.
98
99							=item $schema->validator
100
101							Return L object.
102
103							=item $schema->validate
104
105							Validate and return the L errors.
106
107							=back
108
109							=head2 FUNCTIONS
110
111							=over
112
113							=item schema_dir
114
115							Return the CycloneDX schema path.
116
117							=item schema_file ($json_schema_file)
118
119							Return the CycloneDX schema file path.
120
121							schema_file('bom-1.6.schema.json'); # ../SBOM/CycloneDX/schema/bom-1.6.schema.json
122
123							=back
124
125							=head1 SUPPORT
126
127							=head2 Bugs / Feature Requests
128
129							Please report any bugs or feature requests through the issue tracker
130							at L.
131							You will be notified automatically of any progress on your issue.
132
133							=head2 Source Code
134
135							This is open source software. The code repository is available for
136							public review and contribution under the terms of the license.
137
138							L
139
140							git clone https://github.com/giterlizzi/perl-SBOM-CycloneDX.git
141
142
143							=head1 AUTHOR
144
145							=over 4
146
147							=item * Giuseppe Di Terlizzi
148
149							=back
150
151
152							=head1 LICENSE AND COPYRIGHT
153
154							This software is copyright (c) 2025-2026 by Giuseppe Di Terlizzi.
155
156							This is free software; you can redistribute it and/or modify it under
157							the same terms as the Perl 5 programming language system itself.
158
159							=cut