Update README to reflect new columns on resource list command

Signed-off-by: Matt Rutkowski <[email protected]>

README.md

@@ -1276,21 +1276,22 @@ Currently, all `resource list` command results are sorted by resource `type` the
 ```
 
 ```bash
-type       name               version  bom-ref
-----       ----               -------  -------
-component  ACME Application   2.0.0    pkg:app/[email protected]
-component  Library A          1.0.0    pkg:lib/[email protected]
-component  Library B          1.0.0    pkg:lib/[email protected]
-component  Library C          1.0.0    pkg:lib/[email protected]
-component  Library D          1.0.0    pkg:lib/[email protected]
-component  Library E          1.0.0    pkg:lib/[email protected]
-component  Library F          1.0.0    pkg:lib/[email protected]
-component  Library G          1.0.0    pkg:lib/[email protected]
-component  Library H          1.0.0    pkg:lib/[email protected]
-component  Library J          1.0.0    pkg:lib/[email protected]
-component  Library NoLicense  1.0.0    pkg:lib/[email protected]
-service    Bar                         service:example.com/myservices/bar
-service    Foo                         service:example.com/myservices/foo
+resource-type  group   name               version  description                       bom-ref
+-------------  -----   ----               -------  -----------                       -------
+component              ACME Application   2.0.0    ACME sample application           pkg:app/[email protected]
+component              Library A          1.0.0    Library A description             pkg:lib/[email protected]
+component              Library C          1.0.0    Library C description.            pkg:lib/[email protected]
+component              Library F          1.0.0    Library F description.            pkg:lib/[email protected]
+component              Library G          1.0.0    Library G description.            pkg:lib/[email protected]
+component              Library H          1.0.0    Library H description.            pkg:lib/[email protected]
+component              Library NoLicense  1.0.0    Library "NoLicense" description.  pkg:lib/[email protected]
+component      blue    Library B          1.0.0    Library B description.            pkg:lib/[email protected]
+component      blue    Library E          1.0.0    Library E description.            pkg:lib/[email protected]
+component      green   Library D          1.0.0    Library D description.            pkg:lib/[email protected]
+component      green   Library J          1.0.0    Library J description.            pkg:lib/[email protected]
+service                Bar                         Bar service                       service:example.com/myservices/bar
+service                Foo                         Foo service                       service:example.com/myservices/foo
+
 ```
 
 ##### Example: resource list using `--type service`
@@ -1302,10 +1303,16 @@ This example uses the `type` flag to specific `service`.  The other valid type i
 ```
 
 ```bash
-type     name    version  bom-ref
-----     ----    -------  -------
-service  Bar              service:example.com/myservices/bar
-service  Foo              service:example.com/myservices/foo
+resource-type  group   name    version  description  bom-ref
+-------------  -----   ----    -------  -----------  -------
+service                Bar              Bar service  service:example.com/myservices/bar
+service                Foo              Foo service  service:example.com/myservices/foo
+```
+
+**Note** The results would be equivalent to using the `--where` filter:
+
+```bash
+./sbom-utility resource list -i test/cyclonedx/cdx-1-3-resource-list.json --where "resource-type=service" --quiet
 ```
 
 ##### Example: list with `name` regex match
@@ -1317,9 +1324,9 @@ This example uses the `where` filter on the `name` field. In this case we supply
 ```
 
 ```bash
-type       name       version  bom-ref
-----       ----       -------  -------
-component  Library A  1.0.0    pkg:lib/[email protected]
+resource-type  group   name       version  description            bom-ref
+-------------  -----   ----       -------  -----------            -------
+component              Library A  1.0.0    Library A description  pkg:lib/[email protected]
 ```
 
 ---

schema/bom_hash.go

@@ -79,7 +79,7 @@ func (bom *BOM) HashmapComponents(components []CDXComponent, whereFilters []comm
 // Hash a CDX Component and recursively those of any "nested" components
 // TODO: we should WARN if version is not a valid semver (e.g., examples/cyclonedx/BOM/laravel-7.12.0/bom.1.3.json)
 // TODO: Use pointer for CDXComponent
-func (bom *BOM) HashmapComponent(cdxComponent CDXComponent, whereFilters []common.WhereFilter, root bool) (hashed bool, err error) {
+func (bom *BOM) HashmapComponent(cdxComponent CDXComponent, whereFilters []common.WhereFilter, isRoot bool) (hashed bool, err error) {
 	getLogger().Enter()
 	defer getLogger().Exit(err)
 	//var componentInfo CDXResourceInfo
@@ -103,23 +103,24 @@ func (bom *BOM) HashmapComponent(cdxComponent CDXComponent, whereFilters []commo
 		getLogger().Warningf("component named `%s` missing `bom-ref`", cdxComponent.Name)
 	}
 
-	// hash any component w/o a license using special key name
-	componentInfo.IsRoot = root
-	componentInfo.ResourceType = RESOURCE_TYPE_COMPONENT
-	componentInfo.Component = cdxComponent
-	componentInfo.Name = cdxComponent.Name
-	if cdxComponent.BOMRef != nil {
-		ref := *cdxComponent.BOMRef
-		componentInfo.BOMRef = ref.String()
-	}
-	componentInfo.Group = cdxComponent.Group
-	componentInfo.Description = cdxComponent.Description
-	componentInfo.Version = cdxComponent.Version
-	if cdxComponent.Supplier != nil {
-		componentInfo.SupplierProvider = cdxComponent.Supplier
-	}
-	componentInfo.Properties = cdxComponent.Properties
-	componentInfo.Type = cdxComponent.Type
+	// // hash any component w/o a license using special key name
+	// componentInfo.IsRoot = root
+	// componentInfo.ResourceType = RESOURCE_TYPE_COMPONENT
+	// componentInfo.Component = cdxComponent
+	// componentInfo.Name = cdxComponent.Name
+	// if cdxComponent.BOMRef != nil {
+	// 	ref := *cdxComponent.BOMRef
+	// 	componentInfo.BOMRef = ref.String()
+	// }
+	// componentInfo.Group = cdxComponent.Group
+	// componentInfo.Description = cdxComponent.Description
+	// componentInfo.Version = cdxComponent.Version
+	// if cdxComponent.Supplier != nil {
+	// 	componentInfo.SupplierProvider = cdxComponent.Supplier
+	// }
+	// componentInfo.Properties = cdxComponent.Properties
+	// componentInfo.Type = cdxComponent.Type
+	componentInfo.MapCDXComponentData(cdxComponent, isRoot)
 
 	var match bool = true
 	if len(whereFilters) > 0 {
@@ -137,7 +138,7 @@ func (bom *BOM) HashmapComponent(cdxComponent CDXComponent, whereFilters []commo
 	// Recursively hash licenses for all child components (i.e., hierarchical composition)
 	pComponent := cdxComponent.Components
 	if pComponent != nil && len(*pComponent) > 0 {
-		err = bom.HashmapComponents(*cdxComponent.Components, whereFilters, root)
+		err = bom.HashmapComponents(*cdxComponent.Components, whereFilters, isRoot)
 		if err != nil {
 			return
 		}

schema/cyclonedx_abstractions.go

@@ -81,6 +81,26 @@ type CDXComponentInfo struct {
 	CDXResourceInfo
 }
 
+func (componentInfo *CDXComponentInfo) MapCDXComponentData(cdxComponent CDXComponent, isRoot bool) {
+	// hash any component w/o a license using special key name
+	componentInfo.IsRoot = isRoot
+	componentInfo.ResourceType = RESOURCE_TYPE_COMPONENT
+	componentInfo.Component = cdxComponent
+	componentInfo.Name = cdxComponent.Name
+	if cdxComponent.BOMRef != nil {
+		ref := *cdxComponent.BOMRef
+		componentInfo.BOMRef = ref.String()
+	}
+	componentInfo.Group = cdxComponent.Group
+	componentInfo.Description = cdxComponent.Description
+	componentInfo.Version = cdxComponent.Version
+	if cdxComponent.Supplier != nil {
+		componentInfo.SupplierProvider = cdxComponent.Supplier
+	}
+	componentInfo.Properties = cdxComponent.Properties
+	componentInfo.Type = cdxComponent.Type
+}
+
 // -------------------
 // Services
 // -------------------