cyclonedx-gradle-plugin icon indicating copy to clipboard operation
cyclonedx-gradle-plugin copied to clipboard

Published 20 hours ago verified publisher icon CycloneDX

Is it possible to save the project URL which is stored in the Maven POM

Open spliffone opened this issue 2 years ago • 2 comments

Problem

Some Maven projects miss to publish the SCM URL but provide a project URL.

Is it possible to add the Maven project URL as part of the ExternalReferences and what is the correct reference type? Since the website is already used for the organization URL.

spliffone avatar Apr 25 '22 11:04 spliffone

Do you have an example of an SCM URL in a pom that is missed? If so, can you provide the GAV for an artifact on Maven Central so I can reproduce?

stevespringett avatar Apr 27 '22 03:04 stevespringett

Here is an example HikariCP-5.0.1 where we currently miss the SCM URL but the project has the github project also referenced in under project.url. But I guess the issue #123 could also resolve the problem.

But independent of the SCM URL is the project URL more specific than the organization URL (e.g. spring-security-web pom). Shouldn't we keep that piece of information?

Thx so much, the plugin helps a lot for my use cases.

spliffone avatar Apr 27 '22 07:04 spliffone