tools-python
tools-python copied to clipboard
spdx
A Python library to parse, validate and create SPDX documents.
Hello everyone, This is my first issue to this repository. I am new to SPDX and apologize for possible misunderstanding of the intentions behind the code I am modifying. I...
This PR fixes the issue [**#165**](https://github.com/spdx/ntia-conformance-checker/issues/165) from `ntia-conformance-checker` repo.
Why use uritools instead of the standard library urllib? Are there specific cases that really demand adding an extra dependency? It seems barely used https://github.com/search?q=repo%3Aspdx%2Ftools-python+uritools+language%3APython&type=code&l=Python and it would be best...
The semantic_version library has been added as a dependency but none of its features are used. Why adding a dependency when storing a simple string is just as good?
I have an application where am using multi threading approach for parsing SPDX file. While using parse_file() function defined at "src/spdx_tools/spdx/parser/parse_anything.py" inside my thread function, sometimes I am running into...
The validation of the cpe23Type does not support strings such as `cpe:2.3:a:ahmed_h.:spdx-tools:0.8.3.dev1+g8050fd9c:*:*:*:*:*:*:*` The version string contains + `cpe:2.3:a:debian_gcc_maintainers:libstdc++6:12.2.0-9:*:*:*:*:*:*:*` The product name contains +. The cpe definition states a product name...
Fixes https://github.com/spdx/tools-python/issues/790 I am by no means a python expert, please let me know if there are more idiomatic ways to solve this. After this change: ``` $ time pyspdxtools...
As an addition to #305 this issue should be used to increase the test coverage for all new parser. We need more negative tests and more tests that catch single...
part of #307 - [ ] negative tests (do they exist, though, without relying on sub-validators?) - [ ] some kind of super test is needed to test that all...
