cdxgen icon indicating copy to clipboard operation
cdxgen copied to clipboard

Published 20 hours ago verified publisher icon CycloneDX

Follow CycloneDX 1.4 spec for SPDX license expressions for npm.

Open ansonallard opened this issue 2 years ago • 7 comments

Support spdx expressions for CycloneDX 1.4 Spec

ansonallard avatar Nov 02 '23 17:11 ansonallard

@ansonallard any ideas about the test failures?

prabhu avatar Nov 02 '23 18:11 prabhu

@prabhu Is there a way to see what the inputs were to the test that failed? I just see that the schema validation failed, but I don't have the data to determine why.

ansonallard avatar Nov 02 '23 18:11 ansonallard

@ansonallard I could never get the jsonschema to return that information. Usually I would run the same test locally and use jq :(

prabhu avatar Nov 02 '23 18:11 prabhu

@ansonallard, could you kindly rebase since we have refactored things a bit. Also, could you take a look at the new known-licenses.json to see if this bug could be resolved with an entry there?

prabhu avatar Nov 28 '23 09:11 prabhu

Is there any progress on this?

If not I would like move the changes to a new branch and try to fix it.

validide avatar Apr 13 '24 08:04 validide

@validide New branches are better. Also why are people still using 1.4?

prabhu avatar Apr 13 '24 10:04 prabhu

It's not just 1.4 I think. I just created an SBOM to test and got the following:

image image

I hope to have this done over the weekend.

validide avatar Apr 13 '24 11:04 validide