(tooling-trusted-release) branch main updated: Add ATR native validation for comparison

Mon, 01 Sep 2025 11:33:38 -0700 

This is an automated email from the ASF dual-hosted git repository.

sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-release.git


The following commit(s) were added to refs/heads/main by this push:
     new 5e962f9  Add ATR native validation for comparison
5e962f9 is described below

commit 5e962f9e215f471a02ddee7add4e289871673e12
Author: Sean B. Palmer <[email protected]>
AuthorDate: Mon Sep 1 19:33:09 2025 +0100

    Add ATR native validation for comparison
---
 atr/sbomtool.py | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/atr/sbomtool.py b/atr/sbomtool.py
index ee6efc8..7ef3afd 100644
--- a/atr/sbomtool.py
+++ b/atr/sbomtool.py
@@ -30,6 +30,15 @@ import urllib.parse
 import urllib.request
 from typing import TYPE_CHECKING, Annotated, Any, Final, Literal
 
+try:
+    import atr.models.cyclonedx as models_cyclonedx
+except ImportError:
+    sys.path.append(".")
+    try:
+        import atr.models.cyclonedx as models_cyclonedx
+    except ImportError:
+        models_cyclonedx = None
+
 import cyclonedx.exception
 import cyclonedx.schema
 import cyclonedx.validation.json
@@ -579,6 +588,16 @@ def main() -> None:
                     if i > 10:
                         print("...")
                         break
+        case "validate-atr":
+            errors = validate_atr(bundle)
+            if not errors:
+                print("valid")
+            else:
+                for i, e in enumerate(errors):
+                    print(e)
+                    if i > 10:
+                        print("...")
+                        break
         case "where":
             _warnings, errors = ntia_2021_conformance_issues(bundle.bom)
             for error in errors:
@@ -856,6 +875,16 @@ def sbomqs_total_score(value: pathlib.Path | str | 
yyjson.Document) -> float:
     return report.summary.total_score
 
 
+def validate_atr(bundle: Bundle) -> Iterable[Any] | None:
+    if models_cyclonedx is None:
+        raise RuntimeError("models_cyclonedx is not loaded")
+    try:
+        
models_cyclonedx.CyclonedxBillOfMaterialsStandard.model_validate_json(bundle.text)
+    except pydantic.ValidationError as e:
+        return e.errors()
+    return None
+
+
 def validate_cyclonedx_json(bundle: Bundle) -> 
Iterable[cyclonedx.validation.json.JsonValidationError] | None:
     json_sv = get_pointer(bundle.doc, "/specVersion")
     sv = cyclonedx.schema.SchemaVersion.V1_6


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to