replace deprecated ioutil functions (#44)

* replace deprecated ioutil functions

Signed-off-by: ajistrying <[email protected]>

* remove comments

Signed-off-by: ajistrying <[email protected]>

* G304 suppress warnings
Signed-off-by: ajistrying <[email protected]>

Signed-off-by: ajistrying <[email protected]>

* Support schema error results to be ouptut in JSON format including custom format flags (#40)

* Create a framework for validation error special case handling

Signed-off-by: Matt Rutkowski <[email protected]>

* Create a framework for validation error special case handling

Signed-off-by: Matt Rutkowski <[email protected]>

* Adjust JSON output formatting as an array

Signed-off-by: Matt Rutkowski <[email protected]>

* Use an ordered map to control JSON output marshaling order

Signed-off-by: Matt Rutkowski <[email protected]>

* Use an ordered map to control JSON output marshaling order

Signed-off-by: Matt Rutkowski <[email protected]>

* Use an ordered map to control JSON output marshaling order

Signed-off-by: Matt Rutkowski <[email protected]>

* Use an ordered map to control JSON output marshaling order

Signed-off-by: Matt Rutkowski <[email protected]>

* Separate format related functions into their own file

Signed-off-by: Matt Rutkowski <[email protected]>

* Separate format related functions into their own file

Signed-off-by: Matt Rutkowski <[email protected]>

* Format value for unique item error

Signed-off-by: Matt Rutkowski <[email protected]>

* Consolidate validation flags and use on top-level API call

Signed-off-by: Matt Rutkowski <[email protected]>

* Adjust JSON error result output prefix and indent

Signed-off-by: Matt Rutkowski <[email protected]>

* Add validation test case for bad iri-format

Signed-off-by: Matt Rutkowski <[email protected]>

* Add validation test case for bad iri-format

Signed-off-by: Matt Rutkowski <[email protected]>

* Consolidate persistent command flags into a struct

Signed-off-by: Matt Rutkowski <[email protected]>

* represent array type, index and item as a map in json error results

Signed-off-by: Matt Rutkowski <[email protected]>

* Support flag  true|false on validate command

Signed-off-by: Matt Rutkowski <[email protected]>

* Fix even more Sonatype errors that seem to chnage every time I touch an old file

Signed-off-by: Matt Rutkowski <[email protected]>

* Adjust help for validate given new formats/flags

Signed-off-by: Matt Rutkowski <[email protected]>

* Update README to show validate JSON output and new flags

Signed-off-by: Matt Rutkowski <[email protected]>

* buffer JSON output for unit tests

Signed-off-by: Matt Rutkowski <[email protected]>

* Update the text format logic to mirror new json formatting

Signed-off-by: Matt Rutkowski <[email protected]>

* Update the text format logic to mirror new json formatting

Signed-off-by: Matt Rutkowski <[email protected]>

* Update the text format logic to mirror new json formatting

Signed-off-by: Matt Rutkowski <[email protected]>

* Streamline json and text formatting paths

Signed-off-by: Matt Rutkowski <[email protected]>

* Adjust colorized indent to match normal indent

Signed-off-by: Matt Rutkowski <[email protected]>

* Add additional test assertions to validate # errs and error conext

Signed-off-by: Matt Rutkowski <[email protected]>

* Assure forced schema file tests reset to default schema

Signed-off-by: Matt Rutkowski <[email protected]>

---------

Signed-off-by: Matt Rutkowski <[email protected]>

* Add CycloneDX v1.5 JSON schema and update resource config (#41)

* Add CycloneDX v1.5 JSON schema and update resource config

Signed-off-by: Matt Rutkowski <[email protected]>

* Add minimal tests for 1.5 schema

Signed-off-by: Matt Rutkowski <[email protected]>

* Add minimal tests for 1.5 schema

Signed-off-by: Matt Rutkowski <[email protected]>

---------

Signed-off-by: Matt Rutkowski <[email protected]>
Signed-off-by: ajistrying <[email protected]>

* Remove invalid output file warning (#42)

Signed-off-by: Matt Rutkowski <[email protected]>
Signed-off-by: ajistrying <[email protected]>

* Put back inputFilename as parm. in os.ReadFile() call

Signed-off-by: Matt Rutkowski <[email protected]>

* Attempt to ignore underlying golang sonatype error

Signed-off-by: Matt Rutkowski <[email protected]>

* Attempt to ignore underlying golang sonatype error

Signed-off-by: Matt Rutkowski <[email protected]>

* Attempt to ignore underlying golang sonatype error

Signed-off-by: Matt Rutkowski <[email protected]>

---------

Signed-off-by: ajistrying <[email protected]>
Signed-off-by: Matt Rutkowski <[email protected]>
Co-authored-by: Matt Rutkowski <[email protected]>

Author: ajistrying

cmd/license_policy_config.go

@@ -20,7 +20,6 @@ package cmd
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"regexp"
 	"strings"
@@ -173,7 +172,7 @@ func (config *LicenseComplianceConfig) innerLoadLicensePolicies(filename string)
 	getLogger().Infof("Loading license policy config file: `%s`...", config.policyConfigFile)
 
 	// attempt to read in contents of the policy config.
-	buffer, errRead := ioutil.ReadFile(config.policyConfigFile)
+	buffer, errRead := os.ReadFile(config.policyConfigFile)
 	if errRead != nil {
 		err = fmt.Errorf("unable to `ReadFile`: `%s`", config.policyConfigFile)
 		return

go.mod

@@ -19,7 +19,6 @@ require (
 	github.com/kr/text v0.2.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.19 // indirect
-	github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/sergi/go-diff v1.3.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect

go.sum

@@ -27,8 +27,6 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4=
-github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE=
 github.com/mrutkows/go-jsondiff v0.2.0 h1:T+05e1QSe7qB6vhkVtv3NImD3ni+Jdxpj69iMsptAqY=
 github.com/mrutkows/go-jsondiff v0.2.0/go.mod h1:TuasE0Ldrf4r1Gp0uIatS9SnPZPYybjmTGjB7WXKWl4=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=

schema/schema_custom_validation.go

@@ -20,7 +20,7 @@ package schema
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"os"
 
 	"github.com/CycloneDX/sbom-utility/utils"
 )
@@ -45,7 +45,8 @@ func LoadCustomValidationConfig(filename string) (err error) {
 	// Note we actively supply informative error messages to help user
 	// understand exactly how the load failed
 	getLogger().Infof("Loading custom validation config file: `%s`...", cfgFilename)
-	buffer, err := ioutil.ReadFile(cfgFilename)
+	// #nosec G304 (suppress warning)
+	buffer, err := os.ReadFile(cfgFilename)
 	if err != nil {
 		return fmt.Errorf("unable to `ReadFile`: `%s`", cfgFilename)
 	}

schema/schema_formats.go

@@ -20,7 +20,7 @@ package schema
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"os"
 	"path/filepath"
 	"reflect"
@@ -197,7 +197,8 @@ func LoadSchemaConfig(filename string) (err error) {
 	// Note we actively supply informative error messages to help user
 	// understand exactly how the load failed
 	getLogger().Tracef("Reading schema config file: `%s`...", cfgFilename)
-	buffer, err := ioutil.ReadFile(cfgFilename)
+	// #nosec G304 (suppress warning)
+	buffer, err := os.ReadFile(cfgFilename)
 	if err != nil {
 		return fmt.Errorf("unable to `ReadFile`: `%s`", cfgFilename)
 	}
@@ -356,10 +357,14 @@ func (sbom *Sbom) UnmarshalSBOMAsJsonMap() error {
 
 	// read our opened jsonFile as a byte array.
 	var errReadAll error
-	sbom.rawBytes, errReadAll = ioutil.ReadAll(jsonFile)
-	if errReadAll != nil {
-		getLogger().Error(errReadAll)
+
+	{ // #nosec
+		sbom.rawBytes, errReadAll = io.ReadAll(jsonFile)
+		if errReadAll != nil {
+			getLogger().Error(errReadAll)
+		}
 	}
+
 	getLogger().Tracef("read data from: `%s`", sbom.filename)
 	getLogger().Tracef("\n  >> rawBytes[:100]=[%s]", sbom.rawBytes[:100])