Coverage for /home/benjarobin/Bootlin/projects/Schneider-Electric-Senux/sbom-cve-check/src/sbom_cve_check/sbom/sbom_base.py: 88%

32 statements  


1# -*- coding: utf-8 -*- 

2# SPDX-License-Identifier: GPL-2.0-only 

3""" 

4Implements the generic Software Bill Of Materials (SBOM) class. 

5 

6The actual logic should live in a child class, e.g. Spdx3Sbom.

7""" 

8 

9import abc 

10import datetime 

11import logging 

12import pathlib 

13from collections.abc import Generator 

14from typing import Any 

15 

16from ..cve_db.annot_base import AnnotDatabase 

17from ..vuln.cve import CveId 

18from .component import CompBuild 

19 

# Module-level logger, named after this module's import path.
_logger = logging.getLogger(__name__)

21 

22 

class Sbom(abc.ABC):
    """
    Abstract base for a Software Bill Of Materials (SBOM) document.

    Format-specific behaviour belongs in a concrete subclass. This base class
    only records the SBOM path, declares the read interface subclasses must
    provide, and offers write/modify hooks that raise ``NotImplementedError``
    until a subclass overrides them.
    """

    def __init__(self, path: pathlib.Path) -> None:
        """
        Remember where the SBOM lives; the file is not opened or read here.

        :param path: location of the SBOM file
        """
        self._sbom_path = path

    @classmethod
    @abc.abstractmethod
    def can_handle_sbom(cls, path: pathlib.Path) -> bool:
        """
        Tell whether this class is able to process the SBOM file at ``path``.

        NOTE(review): the SBOM may be produced by a third party; implementations
        presumably inspect the file and should not assume it is well-formed.
        Confirm in each subclass.

        :param path: location of the candidate SBOM file
        :return: True when this class can process/handle the file
        """

    def create_annot_database(self, **kwargs: Any) -> AnnotDatabase | None:
        """
        Build the annotation database for CVE annotations carried by the SBOM.

        The base implementation ignores ``kwargs`` and reports that there is
        no annotation database; subclasses override it when the SBOM format
        can embed CVE annotations.

        :return: the associated annotation database, or None when there is none
        """
        return None

    @property
    @abc.abstractmethod
    def supplier(self) -> str | None:
        """
        Name of the entity that creates, defines, and identifies components.

        :return: supplier name or None
        """

    @property
    @abc.abstractmethod
    def timestamp(self) -> datetime.datetime | None:
        """
        Date and time at which the SBOM data was assembled.

        NOTE(review): this interface does not say whether the value is
        timezone-aware; confirm before comparing it with other dates.

        :return: the assembly date and time, or None
        """

    @abc.abstractmethod
    def iterate_component_builds(self) -> Generator[CompBuild, None, None]:
        """
        Yield every component build object of the SBOM.

        A component build groups the components that were built using the
        same "recipe"; those components must share the same component
        identifiers and version.
        """

    def update_sbom_generation_tools(self) -> None:
        """
        Update agents and tools used to generate and write this new SBOM.

        :raises NotImplementedError: always, unless overridden by a subclass
        """
        raise NotImplementedError()

    def write_to_file(self, path_sbom: str | pathlib.Path) -> None:
        """
        Write the SBOM to disk.

        NOTE(review): what happens when ``path_sbom`` already exists is not
        defined at this level; confirm in the subclass.

        :param path_sbom: destination, expected to be a path to a file
        :raises NotImplementedError: always, unless overridden by a subclass
        """
        raise NotImplementedError()

    def remove_all_cve_vulnerability(self, cve_id: CveId) -> None:
        """
        Remove all CVE vulnerabilities with this id and associated assessments.

        NOTE(review): assessments are removed together with the vulnerability
        entries; presumably the original SBOM has to be kept separately when
        the earlier assessment is still needed as a record. Confirm with
        callers.

        :param cve_id: identifier of the CVE to remove
        :raises NotImplementedError: always, unless overridden by a subclass
        """
        raise NotImplementedError()