anthonyharrison

Thanks for the email and confirming that there isn't a schema currently. I am not an XML expert but I can generate a xsd file from the SPDX example using...

> Thanks @anthonyharrison for the help. > > I'll attach the XSD generated from the current Java utility. Perhaps you could look at it/compare it with the PyCharm generated XSD...

@zvr The cve-bin-tool support for SPDX validates against the SPDX 2.2 examples. The comment related to the Python tools [https://github.com/spdx/tools-python](https://github.com/spdx/tools-python) which do not currenty validate against the SPDX 2.2 standard.

@pombredanne The test case I have been using is to take the examples and use the test SPDX documents from [https://github.com/spdx/spdx-spec/tree/development/v2.2.2/examples](https://github.com/spdx/spdx-spec/tree/development/v2.2.2/examples). I have been using the latest code in the...

@terriko @BreadGenie A number of possible tools to consider include - [Selenium](https://pypi.org/project/selenium/) - [Robot Framework](https://pypi.org/project/robotframework/) - [Playwright](https://pypi.org/project/playwright/) All provide support for web automation and all support Python. I think it...

@mhemma A warning will be reported if there is any output on the stdout or stderr streams following the execution of the extractor application; in your example this appears to...

@terriko They are lots of differences in the SBOM files primarily due to changes to the implicit dependencies - frozenlist: Version changed from 1.3.0 to 1.3.1 - attrs: Version changed...

@terriko Added continue-on-error to the job and the job now runs to completion even when there is a difference detected. However the overall job status is still a Fail.

@terriko Updated to just generate and store SBOMs

> Not sure from your comment: did you want to merge this now? It looks like it's at the point where it won't get in the way of our regular...