Merge pull request #2 from CycloneDX/fix/tidy-up-build-remove-pip

fix(build): removed artefacts associated with non-poetry build

.gitignore

@@ -18,7 +18,4 @@ venv/*
 
 # Exlude IDE related files
 .idea/*
-.vscode/*
-
-# ci config for local ci build
-/.circleci/local-config.yml
+.vscode/*

README.md

@@ -1,12 +1,12 @@
 # Python Library for generating CycloneDX
 
-![GitHub Workflow Status](https://img.shields.io/github/workflow/status/sonatype-nexus-community/cyclonedx-python-lib/Python%20CI)
+![GitHub Workflow Status](https://img.shields.io/github/workflow/status/CycloneDX/cyclonedx-python-lib/Python%20CI)
 ![Python Version Support](https://img.shields.io/badge/python-3.6+-blue)
 ![PyPI Version](https://img.shields.io/pypi/v/cyclonedx-python-lib?label=PyPI&logo=pypi)
-[![GitHub license](https://img.shields.io/github/license/sonatype-nexus-community/cyclonedx-python-lib)](https://github.com/sonatype-nexus-community/cyclonedx-python-lib/blob/main/LICENSE)
-[![GitHub issues](https://img.shields.io/github/issues/sonatype-nexus-community/cyclonedx-python-lib)](https://github.com/sonatype-nexus-community/cyclonedx-python-lib/issues)
-[![GitHub forks](https://img.shields.io/github/forks/sonatype-nexus-community/cyclonedx-python-lib)](https://github.com/sonatype-nexus-community/cyclonedx-python-lib/network)
-[![GitHub stars](https://img.shields.io/github/stars/sonatype-nexus-community/cyclonedx-python-lib)](https://github.com/sonatype-nexus-community/cyclonedx-python-lib/stargazers)
+[![GitHub license](https://img.shields.io/github/license/CycloneDX/cyclonedx-python-lib)](https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE)
+[![GitHub issues](https://img.shields.io/github/issues/CycloneDX/cyclonedx-python-lib)](https://github.com/sCycloneDX/cyclonedx-python-lib/issues)
+[![GitHub forks](https://img.shields.io/github/forks/CycloneDX/cyclonedx-python-lib)](https://github.com/CycloneDX/cyclonedx-python-lib/network)
+[![GitHub stars](https://img.shields.io/github/stars/CycloneDX/cyclonedx-python-lib)](https://github.com/CycloneDX/cyclonedx-python-lib/stargazers)
 
 ----
 
@@ -175,6 +175,10 @@ _Note: We refer throughout using XPath, but the same is true for both XML and JS
 We endeavour to support all functionality for all [current actively supported Python versions](https://www.python.org/downloads/).
 However, some features may not be possible/present in older Python versions due to their lack of support.
 
+## Changelog
+
+See our [CHANGELOG](./CHANGELOG.md).
+
 ## Copyright & License
 CycloneDX Python Lib is Copyright (c) OWASP Foundation. All Rights Reserved.
 

pyproject.toml

@@ -3,6 +3,7 @@ name = "cyclonedx-python-lib"
 version = "0.0.10"
 description = "A library for producing CycloneDX SBOM (Software Bill of Materials) files."
 authors = ["Paul Horton <phorton@sonatype.com>"]
+maintainers = ["Paul Horton <phorton@sonatype.com>"]
 license = "Apache-2.0"
 readme = "README.md"
 homepage = "https://github.com/CycloneDX/cyclonedx-python-lib"
@@ -13,6 +14,27 @@ packages = [
 include = [
     "LICENSE"
 ]
+classifiers = [
+    'Development Status :: 5 - Production/Stable',
+    'Intended Audience :: Developers',
+    'Intended Audience :: Information Technology',
+    'Intended Audience :: Legal Industry',
+    'Intended Audience :: System Administrators',
+    'Topic :: Security',
+    'Topic :: Software Development',
+    'Topic :: System :: Software Distribution',
+    'License :: OSI Approved :: Apache Software License',
+    'Programming Language :: Python :: 3.6',
+    'Programming Language :: Python :: 3.7',
+    'Programming Language :: Python :: 3.8',
+    'Programming Language :: Python :: 3.9'
+]
+keywords = [
+    "BOM", "SBOM", "SCA", "OWASP"
+]
+
+[tool.poetry.urls]
+"Bug Tracker" = "https://github.com/CycloneDX/cyclonedx-python-lib/issues"
 
 [tool.poetry.dependencies]
 python = "^3.6"
@@ -24,6 +46,7 @@ importlib-metadata = "^4.8.1"
 [tool.poetry.dev-dependencies]
 tox = "^3.24.3"
 coverage = "^5.5"
+flake8 = "^3.9.2"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]

tests/test_e2e_environment.py

@@ -18,60 +18,56 @@
 # Copyright (c) OWASP Foundation. All Rights Reserved.
 
 import json
-import os
 from unittest import TestCase
 from xml.etree import ElementTree
 
+import pkg_resources
+
 from cyclonedx.model.bom import Bom
 from cyclonedx.output import get_instance, OutputFormat
 from cyclonedx.output.json import Json
 from cyclonedx.output.xml import Xml
 from cyclonedx.parser.environment import EnvironmentParser
 
+OUR_PACKAGE_NAME: str = 'cyclonedx-python-lib'
+OUR_PACKAGE_VERSION: str = pkg_resources.get_distribution(OUR_PACKAGE_NAME).version
+OUR_PACKAGE_AUTHOR: str = 'Paul Horton'
 
-class TestE2EEnvironment(TestCase):
-    _our_package_version: str
-
-    @classmethod
-    def setUpClass(cls) -> None:
-        with open(os.path.join(os.path.realpath(os.path.join(os.path.dirname(os.path.realpath(__file__)), '../')),
-                               'VERSION')) as _our_version:
-            cls._our_package_version = _our_version.read()
 
-        _our_version.close()
+class TestE2EEnvironment(TestCase):
 
     def test_json_defaults(self):
         outputter: Json = get_instance(bom=Bom.from_parser(EnvironmentParser()), output_format=OutputFormat.JSON)
         bom_json = json.loads(outputter.output_as_string())
         component_this_library = next(
             (x for x in bom_json['components'] if
-             x['purl'] == 'pkg:pypi/cyclonedx-python-lib@{}'.format(TestE2EEnvironment._our_package_version)), None
+             x['purl'] == 'pkg:pypi/{}@{}'.format(OUR_PACKAGE_NAME, OUR_PACKAGE_VERSION)), None
         )
 
         self.assertTrue('author' in component_this_library.keys(), 'author is missing from JSON BOM')
-        self.assertEqual(component_this_library['author'], 'Sonatype Community')
-        self.assertEqual(component_this_library['name'], 'cyclonedx-python-lib')
-        self.assertEqual(component_this_library['version'], TestE2EEnvironment._our_package_version)
+        self.assertEqual(component_this_library['author'], OUR_PACKAGE_AUTHOR)
+        self.assertEqual(component_this_library['name'], OUR_PACKAGE_NAME)
+        self.assertEqual(component_this_library['version'], OUR_PACKAGE_VERSION)
 
     def test_xml_defaults(self):
         outputter: Xml = get_instance(bom=Bom.from_parser(EnvironmentParser()))
 
         # Check we have cyclonedx-python-lib with Author, Name and Version
         bom_xml_e = ElementTree.fromstring(outputter.output_as_string())
         component_this_library = bom_xml_e.find('./{{{}}}components/{{{}}}component[@bom-ref=\'pkg:pypi/{}\']'.format(
-            outputter.get_target_namespace(), outputter.get_target_namespace(), 'cyclonedx-python-lib@{}'.format(
-                TestE2EEnvironment._our_package_version
+            outputter.get_target_namespace(), outputter.get_target_namespace(), '{}@{}'.format(
+                OUR_PACKAGE_NAME, OUR_PACKAGE_VERSION
             )
         ))
 
         author = component_this_library.find('./{{{}}}author'.format(outputter.get_target_namespace()))
         self.assertIsNotNone(author, 'No author element but one was expected.')
-        self.assertEqual(author.text, 'Sonatype Community')
+        self.assertEqual(author.text, OUR_PACKAGE_AUTHOR)
 
         name = component_this_library.find('./{{{}}}name'.format(outputter.get_target_namespace()))
         self.assertIsNotNone(name, 'No name element but one was expected.')
-        self.assertEqual(name.text, 'cyclonedx-python-lib')
+        self.assertEqual(name.text, OUR_PACKAGE_NAME)
 
         version = component_this_library.find('./{{{}}}version'.format(outputter.get_target_namespace()))
         self.assertIsNotNone(version, 'No version element but one was expected.')
-        self.assertEqual(version.text, TestE2EEnvironment._our_package_version)
+        self.assertEqual(version.text, OUR_PACKAGE_VERSION)

tox.ini

@@ -1,19 +1,21 @@
 [tox]
-minversion=3.9.0
+basepython = python3.9
 envlist = flake8,py3.9,py3.8,py3.7,py3.6
+isolated_build = True
 
 [testenv]
-deps =
-    -r{toxinidir}/requirements-test.txt
-commands = coverage run --source=cyclonedx -m unittest discover -s tests
+whitelist_externals = poetry
+commands =
+    pip install poetry
+    poetry install -v
+    poetry run coverage run --source=cyclonedx -m unittest discover -s tests
 
 [testenv:flake8]
-basepython = python3
-skip_install = true
-deps =
-    flake8
-    -r{toxinidir}/requirements-test.txt
-commands = flake8 cyclonedx/ tests/ setup.py
+skip_install = True
+commands =
+    pip install poetry
+    poetry install -v
+    poetry run flake8 cyclonedx/ tests/
 
 [flake8]
 ignore = E305