specification icon indicating copy to clipboard operation
specification copied to clipboard

Published 20 hours ago verified publisher icon CycloneDX

All required properties should have `"minLength": 1`

Open Brcrwilliams opened this issue 9 months ago • 1 comments

If a property is required, it should also not be an empty string. There are many places in the BOM schema where we use "required": [...] but do not also verify that these properties have "minLength": 1.

An example is .components[].name: https://github.com/CycloneDX/specification/blob/8e131b1688ccfe41e1bfdd4b3280f33dcc06d04c/schema/bom-1.6.schema.json#L831

It may be that optional properties should have this constraint as well. Consider the following example:

{
  "type": "library",
  "name": "whatever",
  "version": ""
}

If whatever does not have a version, it would be more clear if that key were to be omitted rather than provided as an empty string.

Brcrwilliams avatar May 08 '24 13:05 Brcrwilliams