-
-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: reorganize responsibilities and capabilities sections in README.md #719
base: main
Are you sure you want to change the base?
Conversation
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Reorganizes the responsibilities and capabilities sections for better clarity and organization, as requested in issue CycloneDX#485 Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thank you for your effort,
please see my remarks below
|
||
## Documentation | ||
|
||
View the documentation [here](https://cyclonedx-python-library.readthedocs.io/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please bring back the paragraph that links to the rendered documentation.
README.md
Outdated
|
||
## Capabilities | ||
|
||
* Enums for the following use cases: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
are there not much ore enums?
README.md
Outdated
* `ExternalReferenceType` | ||
* `HashAlgorithm` | ||
* `LicenseAcknowledgement` | ||
* Data models for the following use cases: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
are there not much more models?
README.md
Outdated
* `1.3` | ||
* `1.2` | ||
* `1.1` | ||
* Normalizers that convert data models to JSON structures |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nope, there are no normalizers in this library. this appears to be a copy-past artifact.
README.md
Outdated
* `Property`, `PropertyRepository` | ||
* `Tool`, `ToolRepository` | ||
* Utilities for the following use cases: | ||
* Generate valid random SerialNumbers for `Bom.serialNumber` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
really? where?
README.md
Outdated
bom.metadata.component.dependencies.add(component_a.bom_ref) | ||
``` | ||
|
||
## Schema Support |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice to have, but not in the readme.
you may craft such a section in the docs.
|
||
See our [CHANGELOG][chaneglog_file]. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please bring back the link to the changelog.
Key changes made: Added several missing enums based on the test files Removed LicenseAcknowledgement as it wasn't found in the test files Added missing models based on the model directory structure Removed the serial number generation utility as there wasn't clear evidence of its existence Organized models into logical groupings for better readability Signed-off-by: Humble Creator <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these are great improvements.
lets discuss the reasoning behind the grouping of the models.
* 1.4 | ||
* 1.3 | ||
* 1.2 | ||
* 1.1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1.0
is missing.
we do have support for it, dont we?
@@ -56,30 +153,29 @@ See the [LICENSE][license_file] file for the full license. | |||
[jake]: https://github.com/sonatype-nexus-community/jake | |||
|
|||
[license_file]: https://github.com/CycloneDX/cyclonedx-python-lib/blob/master/LICENSE |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please order the links back like they were.
file-links were grouped, shield-links were grouped, external-links were grouped ...
* `Property` - Property handling | ||
* `Tool` - Tool representation | ||
|
||
#### Repository Models |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the repositories are a mere collection of other tools.
please put them to their respective domain group
* `VulnerabilityScoreSource` - Vulnerability score source types | ||
* `VulnerabilitySeverity` - Vulnerability severity types | ||
|
||
### Data Models |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could you explain the idea behind this grouping? how is this organized, how came this together?
I really love to understand your reasoning. You might have fresh ideas that are beneficial for the project :-) please share your thoughts.
I mean, all these models were based of CycloneDX spec -- they actually reflect it.
If a grouping was actually necessary, it should correlate with the CycloneDX spec groups somehow.
* `ToolRepository` - Tool management | ||
|
||
### Utilities | ||
* Serial number generation for BOMs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i did not know we have this. could you point me to the code that does this?
### Utilities | ||
* Serial number generation for BOMs | ||
* Hash calculation helpers | ||
* License expression parsing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i did not know we have this. could you point me to the code that does this?
* Serial number generation for BOMs | ||
* Hash calculation helpers | ||
* License expression parsing | ||
* XML/JSON serialization helpers |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we do have this, but we dont want to brag about it, thse are mere internal helpers for experts. we better not tell about them here.
please remove,
|
||
### Utilities | ||
* Serial number generation for BOMs | ||
* Hash calculation helpers |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we do have this, but we dont want to brag about it, these are mere helpers for experts. we better not tell about them here.
please remove
* License expression parsing | ||
* XML/JSON serialization helpers | ||
|
||
### Specification Support |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please make each version a code-block by surrounding it with `
|
||
## Capabilities | ||
|
||
### Enums |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the description next to the enum types do not add much value, as they duplicate the enums name and add the word type
.
i'd rather remove the additional descriptions.
we just got a new set of models that needs to be added - see #701 |
|
||
**This package is not designed for standalone use. It is a software library.** | ||
> **Note**: This package is a software library not intended for standalone use. For generating Software Bill of Materials (SBOM), check out [CycloneDX Python][cyclonedx-python] or [Jake][jake]. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
use one of the flavors here:
https://github.com/orgs/community/discussions/16925
> [!NOTE]
> Highlights information that users should take into account, even when skimming.
> [!TIP]
> Optional information to help a user be more successful.
> [!IMPORTANT]
> Crucial information necessary for users to succeed.
> [!WARNING]
> Critical content demanding immediate user attention due to potential risks.
> [!CAUTION]
> Negative potential consequences of an action.
Note
Highlights information that users should take into account, even when skimming.
Tip
Optional information to help a user be more successful.
Important
Crucial information necessary for users to succeed.
Warning
Critical content demanding immediate user attention due to potential risks.
Caution
Negative potential consequences of an action.
The efforts are appreciated very much. 💟 I've just put this very PR in "draft" mode. |
Thankyou for your concern but I won't be able to work on it for a while, my end sem exams are ahead. As soon as I'll be free I'll work on it right away. |
Closes #485
This PR reorganizes the documentation in README.md to better structure the responsibilities and capabilities sections. The changes:
Changes
No Changes To
Testing
Similar to the organization in:
https://github.com/CycloneDX/cyclonedx-php-library#responsibilities