fix(golangBuild): pinversion of cyclonedx (#4368)

* output version pin for cyclonedx * test fix --------- Co-authored-by: Vyacheslav Starostin <32613074+vstarostin@users.noreply.github.com>
2024-12-12 10:55:20 +02:00 · 2023-05-30 15:06:34 +05:00 · 2023-05-30 15:06:34 +05:00 · 7f2e58b211
commit 7f2e58b211
parent 5ab432b804
2 changed files with 2 additions and 2 deletions
--- a/cmd/golangBuild.go
+++ b/cmd/golangBuild.go
@ -570,7 +570,7 @@ func lookupGolangPrivateModulesRepositories(goModFile *modfile.File, globPattern
 }

 func runBOMCreation(utils golangBuildUtils, outputFilename string) error {
-	if err := utils.RunExecutable("cyclonedx-gomod", "mod", "-licenses", "-test", "-output", outputFilename); err != nil {
+	if err := utils.RunExecutable("cyclonedx-gomod", "mod", "-licenses", "-test", "-output", outputFilename, "-output-version", "1.4"); err != nil {
 		return fmt.Errorf("BOM creation failed: %w", err)
 	}
 	return nil
--- a/cmd/golangBuild_test.go
+++ b/cmd/golangBuild_test.go
@ -286,7 +286,7 @@ go 1.17`
 		assert.Equal(t, "go", utils.ExecMockRunner.Calls[0].Exec)
 		assert.Equal(t, []string{"install", "github.com/CycloneDX/cyclonedx-gomod/cmd/cyclonedx-gomod@latest"}, utils.ExecMockRunner.Calls[0].Params)
 		assert.Equal(t, "cyclonedx-gomod", utils.ExecMockRunner.Calls[1].Exec)
-		assert.Equal(t, []string{"mod", "-licenses", "-test", "-output", "bom-golang.xml"}, utils.ExecMockRunner.Calls[1].Params)
+		assert.Equal(t, []string{"mod", "-licenses", "-test", "-output", "bom-golang.xml", "-output-version", "1.4"}, utils.ExecMockRunner.Calls[1].Params)
 		assert.Equal(t, "go", utils.ExecMockRunner.Calls[2].Exec)
 		assert.Equal(t, []string{"build", "-trimpath"}, utils.ExecMockRunner.Calls[2].Params)
 	})