Normalize "SBOM" to "Sbom" through most of the code base (#950)

Author: DaveTryon

docs/building-from-source.md

@@ -20,7 +20,7 @@ The sbom tool code is designed to be as extensible as possible. All the interfac
 
 The `Microsoft.Sbom.Common` project contains the base of common code, constants, etc. that all the projects can call.
 
-The `Microsoft.Sbom.Contracts` project defines the interfaces that the tool uses to call the SBOM tool using a C# API. The `ISBOMGenerator` class defines two methods that the tool uses to directly call the SBOM tool from C# code. The `Microsoft.Sbom.Tool` project defines a command line interface (CLI) interface to talk to the SBOM tool.
+The `Microsoft.Sbom.Contracts` project defines the interfaces that the tool uses to call the SBOM tool using a C# API. The `ISbomGenerator` class defines two methods that the tool uses to directly call the SBOM tool from C# code. The `Microsoft.Sbom.Tool` project defines a command line interface (CLI) interface to talk to the SBOM tool.
 
 ## Building on Visual Studio
 

docs/sbom-tool-api-reference.md

@@ -27,7 +27,7 @@ Add a reference to the [Microsoft.Sbom.Api](https://www.nuget.org/packages/Micro
 
 ## Getting started
 
-The main entry point for the SBOM generator is in the `SBOMGenerator` class. In order to create an instance of the SBOMGenerator class there are a few arguments that need to be provided. These arguments can be resolved through the dependency injection framework. The following code snippet shows one way to create an instance of the SBOMGenerator class using the dependency injection framework in a pattern that is common when using this approach. Note that this approach is not the only one which will work. For example, if you'd like to avoid implementing the `IHostedService` interface, it should be possible to create a ServiceCollection without using ASP.NET as well.
+The main entry point for the SBOM generator is in the `SbomGenerator` class. In order to create an instance of the SbomGenerator class there are a few arguments that need to be provided. These arguments can be resolved through the dependency injection framework. The following code snippet shows one way to create an instance of the SbomGenerator class using the dependency injection framework in a pattern that is common when using this approach. Note that this approach is not the only one which will work. For example, if you'd like to avoid implementing the `IHostedService` interface, it should be possible to create a ServiceCollection without using ASP.NET as well.
 
 Following our suggested approach, you can create a Host and add a hosted service that will call the SBOM API along with its dependencies. By calling `.AddSbomTool()` on the service collection, the SBOM API will be added to the dependency injection framework and can be resolved by the hosted service. The hosted service can then be started by calling `RunConsoleAsync` on the host.
 
@@ -56,7 +56,7 @@ class Program
 Now that the entry point is set up, we can define the hosted service. In this example, we will use the `GenerationService` class (This class is user defined) as the hosted service. The `GenerationService` class will be responsible for calling the SBOM API and generating the SBOM.
 The following snippet shows how to set up the `GenerationService` class so that arguments are resolved through DI.
 
-In this approach, your class must implement the `IHostedService` interface and provide an implementation for the `StartAsync` and `StopAsync` methods. Now you can pass an instance of the `ISBOMGenerator` interface to the constructor of your class. This interface is provided by the SBOM API and can be resolved by the DI framework. The `ISBOMGenerator` interface provides the methods to generate the SBOM.
+In this approach, your class must implement the `IHostedService` interface and provide an implementation for the `StartAsync` and `StopAsync` methods. Now you can pass an instance of the `ISbomGenerator` interface to the constructor of your class. This interface is provided by the SBOM API and can be resolved by the DI framework. The `ISbomGenerator` interface provides the methods to generate the SBOM.
 
 Descriptions of the arguments to the `GenerateSbomAsync` method can be found [here](#scan-based-sbom-generator-api) and [here](#self-provided-data-based-sbom-generator-api) and can be defined anywhere necessary as long as they are passed to the `GenerateSbomAsync` method.
 
@@ -68,9 +68,9 @@ namespace SBOMApiExample
 {
     public class GenerationService: IHostedService
     {
-        private readonly ISBOMGenerator generator;
+        private readonly ISbomGenerator generator;
         private readonly IHostApplicationLifetime hostApplicationLifetime;
-        public GenerationService(ISBOMGenerator generator, IHostApplicationLifetime hostApplicationLifetime)
+        public GenerationService(ISbomGenerator generator, IHostApplicationLifetime hostApplicationLifetime)
         {
             this.generator = generator;
             this.hostApplicationLifetime = hostApplicationLifetime;
@@ -99,22 +99,22 @@ The generator object provides two different API implementations for creating the
 
 Below are 2 additional helper methods.
 
-### GetSupportedSBOMSpecifications
+### `GetSupportedSbomSpecifications`
 
-The `SBOMSpecification` object represents a SBOM format. Each `SBOMSpecification` contains a `name` and a `version`. This structure defines a single format of SBOM.  Sample SPDX version 2.2 format representations include:
+The `SbomSpecification` object represents a SBOM format. Each `SbomSpecification` contains a `name` and a `version`. This structure defines a single format of SBOM.  Sample SPDX version 2.2 format representations include:
 
 ```C#
 using Microsoft.Sbom.Contracts;
 
-var spdx22Specification = new SBOMSpecification("SPDX", "2.2");
+var spdx22Specification = new SbomSpecification("SPDX", "2.2");
 ```
 
 While this API supports the creation of a SBOM output file in multiple formats, it currently only supports the SPDX version 2.2 architecture. Users looking to implement other SBOM architectures can use this API call, which provides the full list of all supported formats.
 
 ```C#
 using Xunit;
 
-var specifications = generator.GetSupportedSBOMSpecifications();
+var specifications = generator.GetSupportedSbomSpecifications();
 
 Assert.True(specifications.Count() == 1);
 Assert.Equal("SPDX", specifications.First().Name);
@@ -139,12 +139,12 @@ This API is a useful tool when utilizing the self-provided data-based API. The A
 
 In order to call the API, the user must first include a minimum of one required object and one optional data object.
 
-### SBOM Metadata
+### SbomMetadata
 
-The `SBOMMetadata` object provides the API with additional metadata for use in configuring output metadata values in the SBOM file, e.g., product name or version:
+The `SbomMetadata` object provides the API with additional metadata for use in configuring output metadata values in the SBOM file, e.g., product name or version:
 
 ```C#
-SBOMMetadata metadata = new SBOMMetadata()
+SbomMetadata metadata = new SbomMetadata()
 {
     PackageName = "MyProject", //Required
     PackageVersion = "0.0.1", // Required
@@ -190,23 +190,23 @@ Assert.False(result.Errors.Any());
 * The `rootPath` dictates the destination path for publishing the build artifacts. The API will scan all files in 'rootPath' and will subsequently add them to the 'files' section in the SBOM output file. If the command does not include the `manifestDirPath` parameter, the tool will generate the SBOM inside the default `_manifest` folder.
 * The `componentPath` parameter normally contains the source folder, which the API will search for dependency components. The 'packages' section in the SBOM file will list the discovered components.
 
-* The `metadata` and `configuration` parameters accept the [`SBOMMetadata`](#sbommetadata) and [`RuntimeConfiguration`](#runtimeconfiguration) objects respectively.
+* The `metadata` and `configuration` parameters accept the [`SbomMetadata`](#sbommetadata) and [`RuntimeConfiguration`](#runtimeconfiguration) objects respectively.
 * As desired, the `manifestDirPath` parameter allows users to specify a full folder path if they want the API to save the SBOM to a directory other than the default `_manifest` location.  The API will store the SBOM file in the `_manifest` subfolder under the user-specified path.
 
-The API asynchronously returns a `SBOMGenerationResult` object. A successful SBOM file generation will set the `IsSuccessful` flag value to `true`.  A failed generation run will add the errors to the `Errors` list.
+The API asynchronously returns a `SbomGenerationResult` object. A successful SBOM file generation will set the `IsSuccessful` flag value to `true`.  A failed generation run will add the errors to the `Errors` list.
 
 ## Self-provided data-based SBOM generator API
 
 There might be occasions where users do not want the API to scan for the target components.  The self-provided data-based API is an ideal choice for those scenarios where users have the list of files and packages for inclusion in the SBOM file.  The self-provided data-based SBOM generator API gives users the ability to serialize the data in the desired format.
 
 Users will still have to provide the metadata and runtime objects for this API.
 
-### SBOMFile
+### SbomFile
 
-`Path` and `Checksum` are the only required properties for use in the `SBOMFile` object in order to represent a file inside the SBOM.  The API will serialize any additional values unchanged "as-is" in the output SBOM file.
+`Path` and `Checksum` are the only required properties for use in the `SbomFile` object in order to represent a file inside the SBOM.  The API will serialize any additional values unchanged "as-is" in the output SBOM file.
 
 ```C#
-var file = new SBOMFile
+var file = new SbomFile
 {
     Path = "./tmp/file2.txt",
     Checksum = new List<Checksum>
@@ -219,12 +219,12 @@ var file = new SBOMFile
 
 The API looks for a relative path starting with a period `.`.  All path separators should include forward slashes `/` in compliance with the SPDX version 2.2 specification.
 
-### SBOMPackage
+### SbomPackage
 
-'SBOMPackage' represents a dependency component for the product. The `PackageName` is the only required property. The API will serialize all other properties unchanged "as-is" in the final output SBOM file.
+'SbomPackage' represents a dependency component for the product. The `PackageName` is the only required property. The API will serialize all other properties unchanged "as-is" in the final output SBOM file.
 
 ```C#
-var package = new SBOMPackage
+var package = new SbomPackage
 {
     PackageName = "com.test.Foo",
 
@@ -236,7 +236,7 @@ You can call the API as shown below:
 ```C#
 using Microsoft.Sbom.Contracts.Enums;
 
-var result = await generator.GenerateSBOMAsync(rootPath: scanPath,           
+var result = await generator.GenerateSbomAsync(rootPath: scanPath,           
                                                files: sbomFiles,
                                                packages: sbomPackages,
                                                metadata: metadata,
@@ -245,14 +245,14 @@ var result = await generator.GenerateSBOMAsync(rootPath: scanPath,
 ```
 
 * The `rootPath` specifies the path for placing the output SBOM file. User specifying the destination path with the `manifestDirPath` parameter can  utilize the `null` value for `rootPath`.
-* The `files` parameter contains a list of `SBOMFile` objects.
-* The `packages` parameter contains a list of `SBOMPackage` objects.
-* The `metadata` and `runtimeConfiguration` parameters accept the [`SBOMMetadata`](#sbommetadata) and [`RuntimeConfiguration`](#runtimeconfiguration) objects (respectively).
+* The `files` parameter contains a list of `SbomFile` objects.
+* The `packages` parameter contains a list of `SbomPackage` objects.
+* The `metadata` and `runtimeConfiguration` parameters accept the [`SbomMetadata`](#sbommetadata) and [`RuntimeConfiguration`](#runtimeconfiguration) objects (respectively).
 * If users want the API to generate the output SBOM in a different folder other the default location, they need to provide the path in the `manifestDirPath` parameter. Users will find the SBOM file under the `_manifest` directory at the user-specified path.
 
 ## SBOM Validation
 
-Now that you have generated the SBOM file, you can validate it using the `SBOMValidator` class. Setup for this will be very similar to the `SBOMGenerator` class. Here is an example:
+Now that you have generated the SBOM file, you can validate it using the `SbomValidator` class. Setup for this will be very similar to the `SbomGenerator` class. Here is an example:
 
 ```C#
 using Microsoft.Extensions.DependencyInjection;
@@ -276,7 +276,7 @@ class Program
 }
 ```
 
-After the Host is set up, you can inject the `ISBOMValidator` interface into your service and use it to validate the SBOM file. Here is an example:
+After the Host is set up, you can inject the `ISbomValidator` interface into your service and use it to validate the SBOM file. Here is an example:
 Note that the only arguments required are the `buildDropPath`,  the `outputPath`, and the `SbomSpecification`. The `buildDropPath` is the path to the directory containing the _manifest directory. The `outPath` is the path to the file where the validation output will be written. The only `SbomSpecification` currently supported is `SPDX 2.2`.
 All other arguments are optional.
 
@@ -288,11 +288,11 @@ namespace SBOMApiExample
 {
     public class ValidationService : IHostedService
     {
-        private readonly ISBOMValidator sbomValidator;
+        private readonly ISbomValidator sbomValidator;
         private readonly IHostApplicationLifetime hostApplicationLifetime;
 
         public ValidationService(
-        ISBOMValidator sbomValidator,
+        ISbomValidator sbomValidator,
         IHostApplicationLifetime hostApplicationLifetime)
         {
             this.sbomValidator = sbomValidator;

…omponentDetectionToSBOMPackageAdapter.cs …omponentDetectionToSbomPackageAdapter.cssrc/Microsoft.Sbom.Adapters/ComponentDetectionToSBOMPackageAdapter.cs renamed to src/Microsoft.Sbom.Adapters/ComponentDetectionToSbomPackageAdapter.cs src/Microsoft.Sbom.Adapters/ComponentDetectionToSBOMPackageAdapter.cs renamed to src/Microsoft.Sbom.Adapters/ComponentDetectionToSbomPackageAdapter.cs

@@ -12,7 +12,7 @@
 
 namespace Microsoft.Sbom.Adapters;
 
-public class ComponentDetectionToSBOMPackageAdapter
+public class ComponentDetectionToSbomPackageAdapter
 {
     /// <summary>
     /// Parses the output from Component Detection and converts it into a list of <see cref="SbomPackage"/> objects.

src/Microsoft.Sbom.Api/Config/ApiConfigurationBuilder.cs

@@ -37,7 +37,7 @@ public static InputConfiguration GetConfiguration(
         string manifestDirPath,
         IEnumerable<SbomFile> files,
         IEnumerable<SbomPackage> packages,
-        SBOMMetadata metadata,
+        SbomMetadata metadata,
         IList<SbomSpecification> specifications = null,
         RuntimeConfiguration runtimeConfiguration = null,
         string externalDocumentReferenceListFile = null,
@@ -195,7 +195,7 @@ private static ConfigurationSetting<T> GetConfigurationSetting<T>(T value)
         return new ConfigurationSetting<T>
         {
             Value = value,
-            Source = SettingSource.SBOMApi
+            Source = SettingSource.SbomApi
         };
     }
 

src/Microsoft.Sbom.Api/Config/ConfigSanitizer.cs

@@ -27,7 +27,7 @@ public class ConfigSanitizer
     private readonly IFileSystemUtils fileSystemUtils;
     private readonly IAssemblyConfig assemblyConfig;
 
-    internal static string SBOMToolVersion => VersionValue.Value;
+    internal static string SbomToolVersion => VersionValue.Value;
 
     private static readonly Lazy<string> VersionValue = new Lazy<string>(() => typeof(SbomToolCmdRunner).GetTypeInfo().Assembly.GetCustomAttribute<AssemblyInformationalVersionAttribute>()?.InformationalVersion ?? string.Empty);
 
@@ -208,15 +208,15 @@ private ConfigurationSetting<AlgorithmName> GetHashAlgorithmName(IConfiguration
     private ConfigurationSetting<string> GetNamespaceBaseUri(IConfiguration configuration, ILogger logger)
     {
         // If assembly name is not defined but a namespace was provided, then return the current value.
-        if (string.IsNullOrWhiteSpace(assemblyConfig.DefaultSBOMNamespaceBaseUri) && !string.IsNullOrEmpty(configuration.NamespaceUriBase?.Value))
+        if (string.IsNullOrWhiteSpace(assemblyConfig.DefaultSbomNamespaceBaseUri) && !string.IsNullOrEmpty(configuration.NamespaceUriBase?.Value))
         {
             return configuration.NamespaceUriBase;
         }
 
         // If assembly name is not defined and namespace was not provided then return the default namespace as per spdx spec https://spdx.github.io/spdx-spec/v2.2.2/document-creation-information/#653-examples.
-        if (string.IsNullOrWhiteSpace(assemblyConfig.DefaultSBOMNamespaceBaseUri) && string.IsNullOrEmpty(configuration.NamespaceUriBase?.Value))
+        if (string.IsNullOrWhiteSpace(assemblyConfig.DefaultSbomNamespaceBaseUri) && string.IsNullOrEmpty(configuration.NamespaceUriBase?.Value))
         {
-            var defaultNamespaceUriBase = $"https://spdx.org/spdxdocs/sbom-tool-{SBOMToolVersion}-{Guid.NewGuid()}";
+            var defaultNamespaceUriBase = $"https://spdx.org/spdxdocs/sbom-tool-{SbomToolVersion}-{Guid.NewGuid()}";
 
             logger.Information($"No namespace URI base provided, using unique generated default value {defaultNamespaceUriBase}");
 
@@ -231,7 +231,7 @@ private ConfigurationSetting<string> GetNamespaceBaseUri(IConfiguration configur
         // show a warning on the console.
         if (!string.IsNullOrWhiteSpace(configuration.NamespaceUriBase?.Value))
         {
-            if (!string.IsNullOrWhiteSpace(assemblyConfig.DefaultSBOMNamespaceBaseUri))
+            if (!string.IsNullOrWhiteSpace(assemblyConfig.DefaultSbomNamespaceBaseUri))
             {
                 logger.Information("Custom namespace URI base provided, using provided value instead of default");
             }
@@ -242,7 +242,7 @@ private ConfigurationSetting<string> GetNamespaceBaseUri(IConfiguration configur
         return new ConfigurationSetting<string>
         {
             Source = SettingSource.Default,
-            Value = assemblyConfig.DefaultSBOMNamespaceBaseUri
+            Value = assemblyConfig.DefaultSbomNamespaceBaseUri
         };
     }
 

src/Microsoft.Sbom.Api/Config/SbomToolCmdRunner.cs

@@ -14,7 +14,7 @@ namespace Microsoft.Sbom.Api.Config;
 [ArgProductName("sbom-tool")]
 public class SbomToolCmdRunner
 {
-    internal static string SBOMToolVersion => VersionValue.Value;
+    internal static string SbomToolVersion => VersionValue.Value;
 
     private static readonly Lazy<string> VersionValue = new Lazy<string>(() =>
     {
@@ -86,9 +86,9 @@ public RedactArgs Redact(RedactArgs redactArgs)
     [ArgDescription("Displays the version of the tool being used. Can be used as '--version'")]
     public void Version()
     {
-        if (!string.IsNullOrEmpty(SBOMToolVersion))
+        if (!string.IsNullOrEmpty(SbomToolVersion))
         {
-            Console.WriteLine(SBOMToolVersion);
+            Console.WriteLine(SbomToolVersion);
         }
         else
         {

src/Microsoft.Sbom.Api/Config/Validators/ConfigValidator.cs

@@ -98,7 +98,7 @@ public void Validate(string propertyName, object propertyValue, AttributeCollect
 
     private bool NamespaceUriBaseIsNullOrHasDefaultValue(object propertyValue)
     {
-        var defaultProperty = assemblyConfig.DefaultSBOMNamespaceBaseUri;
+        var defaultProperty = assemblyConfig.DefaultSbomNamespaceBaseUri;
 
         if (propertyValue == null || !string.IsNullOrEmpty(defaultProperty))
         {

src/Microsoft.Sbom.Api/Executors/ConcurrentSha256HashValidator.cs

@@ -79,7 +79,7 @@ private async Task Validate(InternalSbomFileInfo internalFileInfo, Channel<FileV
         // If we have the files from both locations present in the hash, validate if the hashes match.
         if (newValue?.FileLocation == Sbom.Entities.FileLocation.All)
         {
-            if (string.Equals(newValue.OnDiskHash?.ChecksumValue, newValue.SBOMFileHash?.ChecksumValue, StringComparison.InvariantCultureIgnoreCase))
+            if (string.Equals(newValue.OnDiskHash?.ChecksumValue, newValue.SbomFileHash?.ChecksumValue, StringComparison.InvariantCultureIgnoreCase))
             {
                 await output.Writer.WriteAsync(new FileValidationResult { Path = internalFileInfo.Path });
             }