Convert SCM SSH URL's to HTTPS

Open spliffone opened this issue 2 years ago • 0 comments

Problem

The maven projects (pom files) sometimes contain SCM URL's as GIT SSH connect strings. Since they aren't valid URL this information get lost during the process (see also https://github.com/CycloneDX/specification/issues/141).

Sample syntax for POM SCM URL's:

scm:git:[email protected]:user/repo.git
scm:git:git://github.com/user/repo.git
[email protected]:user/repo.git

Samples:

https://repo1.maven.org/maven2/com/jayway/jsonpath/json-path/2.7.0/json-path-2.7.0.pom
https://repo1.maven.org/maven2/com/zaxxer/HikariCP/5.0.1/HikariCP-5.0.1.pom
https://repo1.maven.org/maven2/com/zaxxer/SparseBitSet/1.2/SparseBitSet-1.2.pom
https://repo1.maven.org/maven2/io/micrometer/micrometer-core/1.8.5/micrometer-core-1.8.5.pom

Proposal

Convert the SCM URL to a valid HTTPS URL before the plugin calls addExternalReference. Rules:

Remove scm:git: prefix
Replace git@ with https://
Replace git:// with https://
Replace : with /

Apr 24 '22 13:04 spliffone

cyclonedx-gradle-plugin cyclonedx-gradle-plugin copied to clipboard

Convert SCM SSH URL's to HTTPS

Problem

Proposal

cyclonedx-gradle-plugin
cyclonedx-gradle-plugin copied to clipboard