Skip to content

Commit

Permalink
Fix BOM validation failing when URL contains encoded [ and ] char…
Browse files Browse the repository at this point in the history 
…acters

Fixes #3831

Signed-off-by: nscuro <nscuro@protonmail.com>
  • Loading branch information
@nscuro
nscuro committed Jun 22, 2024
1 parent 93a32e1 commit d546749
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 1 deletion.
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@
<lib.commons-compress.version>1.26.1</lib.commons-compress.version>
<lib.cvss-calculator.version>1.4.2</lib.cvss-calculator.version>
<lib.owasp-rr-calculator.version>1.0.1</lib.owasp-rr-calculator.version>
<lib.cyclonedx-java.version>9.0.3</lib.cyclonedx-java.version>
<lib.cyclonedx-java.version>9.0.4</lib.cyclonedx-java.version>
<lib.greenmail.version>1.6.15</lib.greenmail.version>
<lib.jackson.version>2.17.1</lib.jackson.version>
<lib.jackson-databind.version>2.17.1</lib.jackson-databind.version>
Expand Down
23 changes: 23 additions & 0 deletions src/test/java/org/dependencytrack/parser/cyclonedx/CycloneDxValidatorTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -218,4 +218,27 @@ public void testValidateWithValidBom(final Path bomFilePath) throws Exception {
assertThatNoException().isThrownBy(() -> validator.validate(bomBytes));
}

@Test // https://github.com/DependencyTrack/dependency-track/issues/3831
public void testValidateJsonWithUrlContainingEncodedBrackets() {
assertThatNoException()
.isThrownBy(() -> validator.validate("""
{
"bomFormat": "CycloneDX",
"specVersion": "1.5",
"components": [
{
"type": "library",
"name": "acme-library",
"externalReferences": [
{
"type": "website",
"url": "https://example.com/foo?bar=%5Bbaz%5D"
}
]
}
]
}
""".getBytes()));
}

}

0 comments on commit d546749

Please sign in to comment.