1<?php
2
3declare(strict_types=1);
4
5/*
6 * This file is part of CycloneDX PHP Library.
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 *
20 * SPDX-License-Identifier: Apache-2.0
21 * Copyright (c) OWASP Foundation. All Rights Reserved.
22 */
23
24namespace CycloneDX\Examples;
25
26require_once __DIR__.'/vendor/autoload.php';
27
// Example: how to serialize a Bom to JSON and XML, and how to validate each serialized result.
29
// License factory used further down to turn license strings into license models.
// It is built from the library's own SPDX identifier list plus Composer's SPDX license data.
$spdxLicenseIdentifiers = new \CycloneDX\Core\Spdx\LicenseIdentifiers();
$composerSpdxLicenses = new \Composer\Spdx\SpdxLicenses();
$lFac = new \CycloneDX\Contrib\License\Factories\LicenseFactory(
    $spdxLicenseIdentifiers,
    $composerSpdxLicenses
);
34
35// region build the BOM
36
$bom = new \CycloneDX\Core\Models\Bom();

// The root component describes the application the BOM is about; it lives in the BOM metadata.
$rootComponent = new \CycloneDX\Core\Models\Component(
    \CycloneDX\Core\Enums\ComponentType::Application,
    'myApp'
);
$bom->getMetadata()->setComponent($rootComponent);

// Give the root component an explicit bom-ref value.
$rootComponent->getBomRef()->setValue('myApp');

// License data comes from plain strings; the factory turns them into license models.
$rootLicense = $lFac->makeFromString('MIT OR Apache-2.0');
$rootComponent->getLicenses()->addItems($rootLicense);

// A single library component, listed in the BOM's component inventory.
$component = new \CycloneDX\Core\Models\Component(
    \CycloneDX\Core\Enums\ComponentType::Library,
    'myComponent'
);
$componentLicense = $lFac->makeFromString('MIT');
$component->getLicenses()->addItems($componentLicense);
$bom->getComponents()->addItems($component);

// Record the dependency edge root -> library. The edge is expressed through the library's
// BomRef object; no bom-ref value is set on the library component in this script.
$componentRef = $component->getBomRef();
$rootComponent->getDependencies()->addItems($componentRef);
55
56// endregion build the BOM
57
// Compact output; the same flag is passed to both serializers below.
$prettyPrint = false;

// One spec object drives everything that follows: it is handed to both normalizer factories,
// and its version is handed to both validators, so serialization and validation stay in sync.
$spec = \CycloneDX\Core\Spec\SpecFactory::make1dot7();
61
// Serialize the BOM to JSON for the chosen spec and print it to STDOUT.
$jsonNormalizerFactory = new \CycloneDX\Core\Serialization\JSON\NormalizerFactory($spec);
$jsonSerializer = new \CycloneDX\Core\Serialization\JsonSerializer($jsonNormalizerFactory);
$serializedJSON = $jsonSerializer->serialize($bom, $prettyPrint);
echo $serializedJSON.\PHP_EOL;

// Validate the serialized string against the same spec version.
// NOTE: the document has already been written to STDOUT at this point. A consumer that pipes
// STDOUT must check the exit status (1 = JSON validation failed) before trusting the document.
// A passing validation is a statement about the document's form; it does not vouch for the
// completeness or accuracy of the component data that was put into the BOM.
$jsonValidator = new \CycloneDX\Core\Validation\Validators\JsonValidator($spec->getVersion());
$jsonValidationErrors = $jsonValidator->validateString($serializedJSON);
if (null !== $jsonValidationErrors) {
    // Diagnostics go to STDERR so they never mix with the document on STDOUT.
    fwrite(\STDERR, \PHP_EOL.'JSON ValidationError:'.\PHP_EOL);
    fwrite(\STDERR, print_r($jsonValidationErrors, true));
    exit(1);
}
echo 'JSON valid'.\PHP_EOL;
74
// Serialize the same BOM to XML for the chosen spec and print it to STDOUT.
$domNormalizerFactory = new \CycloneDX\Core\Serialization\DOM\NormalizerFactory($spec);
$xmlSerializer = new \CycloneDX\Core\Serialization\XmlSerializer($domNormalizerFactory);
$serializedXML = $xmlSerializer->serialize($bom, $prettyPrint);
echo $serializedXML.\PHP_EOL;

// Validate the serialized string against the same spec version.
// NOTE: as with the JSON output, the document is printed before it is validated. The exit
// status (2 = XML validation failed) is the only signal that the printed XML was rejected.
$xmlValidator = new \CycloneDX\Core\Validation\Validators\XmlValidator($spec->getVersion());
$xmlValidationErrors = $xmlValidator->validateString($serializedXML);
if (null !== $xmlValidationErrors) {
    // Diagnostics go to STDERR so they never mix with the document on STDOUT.
    fwrite(\STDERR, \PHP_EOL.'XML ValidationError:'.\PHP_EOL);
    fwrite(\STDERR, print_r($xmlValidationErrors, true));
    exit(2);
}
echo 'XML valid'.\PHP_EOL;