Pass set of validated SBOMs to consolidation by DaveTryon · Pull Request #1119 · microsoft/sbom-tool (original) (raw)

#1117 included a temporary property that was just for testing purposes. This PR is about removing that temporary property.

1. Remove SbomConsolidationWorkflow.SourceSbomsTemp
2. The SBOM detection code had the sbomPath, but wasn't passing it back to where the consolidation code could access it. I could have added another field to the Tuple, but it felt cleaner to replace the Tuple with a new class--this is the ConsolidationSource class
3. Add a couple of mocks to replace the test that was setting the temporary property
4. Rename sbomsToValidate to consolidationSources, since the same data will flow to both validation and consolidation
5. Use some const strings in the unit tests
6. Casing consistency: We had a couple of variables whose names began with sPDXFormatDetector. Change them to begin with spdxFormatDetector

This PR changes files in the API project. Does it change any of the API interfaces in any way? Please note that this includes the following types of changes:

• Changing the signature of an existing interface method
• Adding a new method to an existing interface
• Adding a required data member to a class that an existing interface method consumes

Because any of these changes can potentially break a downstream consumer with customized interface implementations, these changes need to be treated as breaking changes. Please do one of the following:

Option 1 - Publish this as a breaking change

1. Update the documentation to show the new functionality
2. Bump the major version in the next release
3. Be sure to highlight the breaking changes in the release notes

Option 2 - Refactor the changes to be non-breaking

1. Review this commit, which adds a new interface in a backward-compatible way
2. Refactor the change to follow this pattern so that existing interfaces are left completely intact
3. Bump the minor version in the next release

This PR changes files in the API project. Does it change any of the API interfaces in any way? Please note that this includes the following types of changes:

• Changing the signature of an existing interface method
• Adding a new method to an existing interface
• Adding a required data member to a class that an existing interface method consumes

Because any of these changes can potentially break a downstream consumer with customized interface implementations, these changes need to be treated as breaking changes. Please do one of the following:

Option 1 - Publish this as a breaking change

1. Update the documentation to show the new functionality
2. Bump the major version in the next release
3. Be sure to highlight the breaking changes in the release notes

Option 2 - Refactor the changes to be non-breaking

1. Review this commit, which adds a new interface in a backward-compatible way
2. Refactor the change to follow this pattern so that existing interfaces are left completely intact
3. Bump the minor version in the next release

DaveTryon deleted the DaveTryon/use-validated-sboms branch

June 30, 2025 20:08

This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters

[ Show hidden characters]({{ revealButtonHref }})