Schema validation fails with git style URL

Open Recurse-blip opened this issue 7 months ago • 6 comments

It seems that the CycloneDX tool generates an invalid URL when generating the SBOM, which fails schema validation when trying to upload the BOM to dependency-track.

This is the error I get:

{
    "status": 400,
    "title": "The uploaded BOM is invalid",
    "detail": "Schema validation failed",
    "errors": [
        "cvc-datatype-valid.1.2.1: '[email protected]:LordVeovis/xmlrpc.git' is not a valid value for 'anyURI'.",
        "cvc-type.3.1.3: The value '[email protected]:LordVeovis/xmlrpc.git' of element 'url' is not valid."
    ]
}

I think CycloneDX should convert those git style references to something like git+ssh://... or git+http://....git which are valid URLs.

Related issues: https://github.com/DependencyTrack/dependency-track/issues/3885 https://github.com/CycloneDX/cyclonedx-node-npm/issues/1198

Recurse-blip Jun 28 '24 12:06
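
An added example, not part of the original issue and not cyclonedx-dotnet code: a pre-upload pass that rewrites scp-style git references in a CycloneDX XML BOM into the `git+ssh://` form suggested above, so the `url` elements carry a scheme. The function names, the 1.5 namespace and the sample BOM (with a constructed `git.example.com` reference) are assumptions for illustration.

```python
import re
import xml.etree.ElementTree as ET

NS = "http://cyclonedx.org/schema/bom/1.5"  # assumed spec version of the BOM
ET.register_namespace("", NS)  # keep the default namespace on output

# scp-like git syntax "user@host:path". The user part is required here: a bare
# "host:path" cannot be told apart from "scheme:rest" (mailto:, urn:, ...).
SCP_STYLE = re.compile(r"^(?P<user>[^@/:\s]+)@(?P<host>[^@/:\s]+):(?P<path>\S+)$")

def normalize_git_url(value: str) -> str:
    """Return value unchanged unless it is an scp-style git reference."""
    value = value.strip()
    if "://" in value:  # already has a scheme and authority
        return value
    m = SCP_STYLE.match(value)
    if not m:
        return value
    path = m["path"].lstrip("/")  # avoid a double slash after the host
    return f"git+ssh://{m['user']}@{m['host']}/{path}"

def normalize_bom(xml_text: str) -> tuple[str, int]:
    """Rewrite every <url> element; return (new XML, number of URLs changed).

    Intended for a BOM your own build produced, not for untrusted XML.
    """
    root = ET.fromstring(xml_text)
    changed = 0
    for el in root.iter():
        if el.tag.rsplit("}", 1)[-1] == "url" and el.text:
            fixed = normalize_git_url(el.text)
            if fixed != el.text.strip():
                el.text, changed = fixed, changed + 1
    return ET.tostring(root, encoding="unicode"), changed

# Constructed sample BOM: one scp-style VCS reference, one ordinary URL.
SAMPLE_BOM = f"""<bom xmlns="{NS}" version="1">
  <components><component type="library">
    <name>widget</name><version>1.0.0</version>
    <externalReferences>
      <reference type="vcs"><url>git@git.example.com:acme/widget.git</url></reference>
      <reference type="website"><url>https://example.com/widget</url></reference>
    </externalReferences>
  </component></components>
</bom>"""

if __name__ == "__main__":
    fixed_xml, count = normalize_bom(SAMPLE_BOM)
    print(f"rewrote {count} url element(s)")
    print(fixed_xml)
```
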