
Conversion creates invalid SPDX JSON

Open vargenau opened this issue 1 year ago • 3 comments

hello.spdx.json.txt hello.cdx.json.txt

Convert hello.spdx.json from SPDX to CycloneDX:

cyclonedx convert --input-file hello.spdx.json --input-format autodetect --output-file hello.cdx.json --output-format json

Try to convert the result back to SPDX:

cyclonedx convert --output-file hello2.spdx.json --output-format spdxjson --input-file hello.cdx.json --input-format json

Result:

Unhandled exception: System.Text.Json.JsonException: '}' is invalid after a single JSON value. Expected end of data. Path: $ | LineNumber: 182 | BytePositionInLine: 3.

vargenau avatar Apr 08 '24 16:04 vargenau

@vargenau Could it be that hello.cdx.json already existed and you tried to overwrite it? Then, I would assume that it is a duplicate of https://github.com/CycloneDX/cyclonedx-cli/issues/255.

andreas-hilti avatar May 18 '24 15:05 andreas-hilti

I tested again with version 0.25.0 of cyclonedx-cli

The hello.spdx.json file is valid SPDX:

pyspdxtools -i hello2.spdx.json

When converted to CycloneDX then converted back to SPDX, the resulting file hello2.spdx.json is invalid SPDX:

pyspdxtools -i hello2.spdx.json
ERROR:root:The document is invalid. The following issues have been found:
license_info_in_file is mandatory in SPDX-2.2
license_info_in_file is mandatory in SPDX-2.2
license_info_in_file is mandatory in SPDX-2.2
there must be at least one relationship "SPDXRef-DOCUMENT DESCRIBES ..." or "... DESCRIBED_BY SPDXRef-DOCUMENT" when there is not only a single package present

vargenau avatar May 22 '24 13:05 vargenau
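
A post-conversion check for the failures reported in this thread, as an added example that is not part of the issue or of cyclonedx-cli: it flags leftover data after the JSON value, files without `licenseInfoInFiles`, and a missing document DESCRIBES relationship. The function name and the sample document are constructed for illustration, and the reading of "only a single package" as one package with no files or snippets is an assumption.

```python
import json

def check_spdx_json(text):
    """Return a list of problems in an SPDX 2.2 JSON document passed as text."""
    text = text.strip()
    try:
        # raw_decode stops after the first JSON value, so leftover bytes
        # (e.g. from an output file that was overwritten) stay visible.
        doc, end = json.JSONDecoder().raw_decode(text)
    except json.JSONDecodeError as exc:
        return [f"not JSON: {exc.msg} (line {exc.lineno})"]
    if not isinstance(doc, dict):
        return ["top-level JSON value is not an object"]
    problems = []
    if text[end:].strip():
        problems.append(f"trailing data after the JSON value: {text[end:].strip()[:20]!r}")
    files = doc.get("files", [])
    for f in files:
        if not f.get("licenseInfoInFiles"):
            problems.append(f"{f.get('SPDXID', '?')}: licenseInfoInFiles is missing")
    doc_id = doc.get("SPDXID", "SPDXRef-DOCUMENT")
    described = bool(doc.get("documentDescribes"))
    for rel in doc.get("relationships", []):
        kind = rel.get("relationshipType")
        if kind == "DESCRIBES" and rel.get("spdxElementId") == doc_id:
            described = True
        if kind == "DESCRIBED_BY" and rel.get("relatedSpdxElement") == doc_id:
            described = True
    # Assumption: "only a single package" means one package and no files or snippets.
    single = len(doc.get("packages", [])) == 1 and not files and not doc.get("snippets")
    if not described and not single:
        problems.append("no DESCRIBES / DESCRIBED_BY relationship for the document")
    return problems

# Constructed sample resembling the round-tripped output described above.
SAMPLE = json.dumps({
    "spdxVersion": "SPDX-2.2", "SPDXID": "SPDXRef-DOCUMENT",
    "packages": [{"SPDXID": "SPDXRef-Package-hello", "name": "hello"}],
    "files": [
        {"SPDXID": "SPDXRef-File-a", "fileName": "./a.c"},
        {"SPDXID": "SPDXRef-File-b", "fileName": "./b.c", "licenseInfoInFiles": ["MIT"]},
    ],
})

if __name__ == "__main__":
    # A stray "}" after the document mimics the first report in the thread.
    for line in check_spdx_json(SAMPLE + "\n}"):
        print(line)
```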