Skip to content

Commit fdb06d6

Browse files
baileympearsonbaileympearson
committed
update SBOM file and add test confirming we do not accidentally upgrade libmongocrypt without updating deps
1 parent ac86fcf commit fdb06d6

File tree

2 files changed

+25
-7
lines changed

2 files changed

+25
-7
lines changed

sbom.json

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,26 +1,31 @@
11
{
22
"components": [
33
{
4-
"bom-ref": "pkg:github/mongodb/libmongocrypt",
4+
"bom-ref": "pkg:github/mongodb/libmongocrypt@1.10.0",
55
"externalReferences": [
6+
{
7+
"type": "distribution",
8+
"url": "https://github.com/mongodb/libmongocrypt/archive/refs/tags/1.10.0.tar.gz"
9+
},
610
{
711
"type": "website",
8-
"url": "https://github.com/mongodb/libmongocrypt"
12+
"url": "https://github.com/mongodb/libmongocrypt/tree/1.10.0"
913
}
1014
],
1115
"group": "mongodb",
1216
"name": "libmongocrypt",
13-
"purl": "pkg:github/mongodb/libmongocrypt",
14-
"type": "library"
17+
"purl": "pkg:github/mongodb/libmongocrypt@1.10.0",
18+
"type": "library",
19+
"version": "1.10.0"
1520
}
1621
],
1722
"dependencies": [
1823
{
19-
"ref": "pkg:github/mongodb/libmongocrypt"
24+
"ref": "pkg:github/mongodb/libmongocrypt@1.10.0"
2025
}
2126
],
2227
"metadata": {
23-
"timestamp": "2024-05-01T20:55:10.513782+00:00",
28+
"timestamp": "2024-06-13T19:31:46.989110+00:00",
2429
"tools": [
2530
{
2631
"externalReferences": [
@@ -63,7 +68,7 @@
6368
}
6469
]
6570
},
66-
"serialNumber": "urn:uuid:d39c0f4e-9f42-4f2b-8102-01c5da520fe7",
71+
"serialNumber": "urn:uuid:ecd6916a-5c14-448c-a399-161adf46a609",
6772
"version": 1,
6873
"$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
6974
"bomFormat": "CycloneDX",

test/libmongocrypt_version.test.ts

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
import { expect } from 'chai';
2+
import { join } from 'path';
3+
4+
describe('libmongocrypt version', function () {
5+
it('the version in the package.json matches the version declared in the sbom file', function () {
6+
// eslint-disable-next-line @typescript-eslint/no-var-requires
7+
const packageVersion = require(join(__dirname, '../package.json'))['mongodb:libmongocrypt'];
8+
// eslint-disable-next-line @typescript-eslint/no-var-requires
9+
const sbom = require(join(__dirname, '../sbom.json')).dependencies[0].ref;
10+
11+
expect(sbom).to.include(packageVersion);
12+
});
13+
});

0 commit comments

Comments
 (0)