Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: reorganize responsibilities and capabilities sections in README.md #719

Draft
wants to merge 17 commits into
base: main
Choose a base branch
from

Conversation

HmbleCreator
Copy link

Closes #485

This PR reorganizes the documentation in README.md to better structure the responsibilities and capabilities sections. The changes:

Changes

  • Restructured "Responsibilities" section to clearly outline the library's core functions
  • Reorganized "Capabilities" section into logical subsections:
    • Enums
    • Data Models (Core and Vulnerability)
    • Utilities
    • CycloneDX Specification Support
  • Improved readability with consistent formatting and hierarchical organization

No Changes To

  • Functionality
  • API
  • Dependencies
  • Installation instructions
  • Usage examples
  • Other documentation sections

Testing

  • Verified all links remain functional
  • Checked Markdown formatting
  • Ensured all existing content is preserved

Similar to the organization in:
https://github.com/CycloneDX/cyclonedx-php-library#responsibilities

Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Reorganizes the responsibilities and capabilities sections for better clarity and organization, as requested in issue CycloneDX#485

Signed-off-by: Humble Creator <[email protected]>
@HmbleCreator HmbleCreator marked this pull request as ready for review October 22, 2024 17:20
@HmbleCreator HmbleCreator requested a review from a team as a code owner October 22, 2024 17:20
@HmbleCreator HmbleCreator marked this pull request as draft October 22, 2024 17:20
@jkowalleck jkowalleck added the documentation Improvements or additions to documentation label Oct 22, 2024
@jkowalleck jkowalleck changed the title docs: reorganize responsibilities and capabilities sections in README.md [WIP] docs: reorganize responsibilities and capabilities sections in README.md Oct 22, 2024
README.md Show resolved Hide resolved
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
Signed-off-by: Humble Creator <[email protected]>
@HmbleCreator HmbleCreator marked this pull request as ready for review October 24, 2024 07:09
@jkowalleck jkowalleck changed the title [WIP] docs: reorganize responsibilities and capabilities sections in README.md docs: reorganize responsibilities and capabilities sections in README.md Oct 24, 2024
Copy link
Member

@jkowalleck jkowalleck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you for your effort,
please see my remarks below

README.md Outdated Show resolved Hide resolved

## Documentation

View the documentation [here](https://cyclonedx-python-library.readthedocs.io/).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please bring back the paragraph that links to the rendered documentation.

README.md Show resolved Hide resolved
README.md Outdated

## Capabilities

* Enums for the following use cases:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are there not much ore enums?

README.md Outdated
* `ExternalReferenceType`
* `HashAlgorithm`
* `LicenseAcknowledgement`
* Data models for the following use cases:
Copy link
Member

@jkowalleck jkowalleck Oct 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are there not much more models?

README.md Outdated
* `1.3`
* `1.2`
* `1.1`
* Normalizers that convert data models to JSON structures
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nope, there are no normalizers in this library. this appears to be a copy-past artifact.

README.md Outdated
* `Property`, `PropertyRepository`
* `Tool`, `ToolRepository`
* Utilities for the following use cases:
* Generate valid random SerialNumbers for `Bom.serialNumber`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

really? where?

README.md Outdated Show resolved Hide resolved
README.md Outdated
bom.metadata.component.dependencies.add(component_a.bom_ref)
```

## Schema Support
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice to have, but not in the readme.
you may craft such a section in the docs.


See our [CHANGELOG][chaneglog_file].
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please bring back the link to the changelog.

Key changes made:

Added several missing enums based on the test files
Removed LicenseAcknowledgement as it wasn't found in the test files
Added missing models based on the model directory structure
Removed the serial number generation utility as there wasn't clear evidence of its existence
Organized models into logical groupings for better readability

Signed-off-by: Humble Creator <[email protected]>
Copy link
Member

@jkowalleck jkowalleck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these are great improvements.

lets discuss the reasoning behind the grouping of the models.

* 1.4
* 1.3
* 1.2
* 1.1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1.0 is missing.
we do have support for it, dont we?

@@ -56,30 +153,29 @@ See the [LICENSE][license_file] file for the full license.
[jake]: https://github.com/sonatype-nexus-community/jake

[license_file]: https://github.com/CycloneDX/cyclonedx-python-lib/blob/master/LICENSE
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please order the links back like they were.
file-links were grouped, shield-links were grouped, external-links were grouped ...

* `Property` - Property handling
* `Tool` - Tool representation

#### Repository Models
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the repositories are a mere collection of other tools.
please put them to their respective domain group

* `VulnerabilityScoreSource` - Vulnerability score source types
* `VulnerabilitySeverity` - Vulnerability severity types

### Data Models
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could you explain the idea behind this grouping? how is this organized, how came this together?
I really love to understand your reasoning. You might have fresh ideas that are beneficial for the project :-) please share your thoughts.

I mean, all these models were based of CycloneDX spec -- they actually reflect it.
If a grouping was actually necessary, it should correlate with the CycloneDX spec groups somehow.

* `ToolRepository` - Tool management

### Utilities
* Serial number generation for BOMs
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i did not know we have this. could you point me to the code that does this?

### Utilities
* Serial number generation for BOMs
* Hash calculation helpers
* License expression parsing
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i did not know we have this. could you point me to the code that does this?

* Serial number generation for BOMs
* Hash calculation helpers
* License expression parsing
* XML/JSON serialization helpers
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we do have this, but we dont want to brag about it, thse are mere internal helpers for experts. we better not tell about them here.
please remove,


### Utilities
* Serial number generation for BOMs
* Hash calculation helpers
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we do have this, but we dont want to brag about it, these are mere helpers for experts. we better not tell about them here.
please remove

* License expression parsing
* XML/JSON serialization helpers

### Specification Support
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please make each version a code-block by surrounding it with `


## Capabilities

### Enums
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the description next to the enum types do not add much value, as they duplicate the enums name and add the word type.
i'd rather remove the additional descriptions.

@jkowalleck
Copy link
Member

we just got a new set of models that needs to be added - see #701


**This package is not designed for standalone use. It is a software library.**
> **Note**: This package is a software library not intended for standalone use. For generating Software Bill of Materials (SBOM), check out [CycloneDX Python][cyclonedx-python] or [Jake][jake].
Copy link
Member

@jkowalleck jkowalleck Oct 28, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use one of the flavors here:
https://github.com/orgs/community/discussions/16925

> [!NOTE]  
> Highlights information that users should take into account, even when skimming.

> [!TIP]
> Optional information to help a user be more successful.

> [!IMPORTANT]  
> Crucial information necessary for users to succeed.

> [!WARNING]  
> Critical content demanding immediate user attention due to potential risks.

> [!CAUTION]
> Negative potential consequences of an action.

Note

Highlights information that users should take into account, even when skimming.

Tip

Optional information to help a user be more successful.

Important

Crucial information necessary for users to succeed.

Warning

Critical content demanding immediate user attention due to potential risks.

Caution

Negative potential consequences of an action.

@jkowalleck jkowalleck marked this pull request as draft November 4, 2024 14:13
@jkowalleck
Copy link
Member

The efforts are appreciated very much. 💟
They just need an updated in accordance with the latest development. I am sorry for the inconvenience.

I've just put this very PR in "draft" mode.
Feel free to change it to "ready for review" anytime it was updated, @HmbleCreator

@HmbleCreator
Copy link
Author

HmbleCreator commented Nov 4, 2024

The efforts are appreciated very much. 💟 They just need an updated in accordance with the latest development. I am sorry for the inconvenience.

I've just put this very PR in "draft" mode. Feel free to change it to "ready for review" anytime it was updated, @HmbleCreator

Thankyou for your concern but I won't be able to work on it for a while, my end sem exams are ahead. As soon as I'll be free I'll work on it right away.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
documentation Improvements or additions to documentation
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[DOCS] list responsibilities and capabilities
2 participants