Gary O'Neall
Gary O'Neall
Since the license matching is tokanized and the var tags assume the regular expression is a token, it likely will not match a string in the middle of an expression....
e.g. SPDX Listed License
Raised as a question on the SPDX tech email list from Oliver Fendt: ... Sometimes you find in a package (lets assume the declared license is A) in some subdirectory...
Fixes #30 Although issue #30 is fixed, it looks like OSV has other changes to the service which is breaking the unit tests. This will take a bit more work...
- [x] Review all PR's and Issues - [x] Fix issue #24 - [x] Fix issue #23 - [x] Pass unit tests - [x] Run `mvn org.owasp:dependency-check-maven:check` - [x] Update...
Running the commandline gives the following error message: ``` SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". SLF4J: Defaulting to no-operation (NOP) logger implementation SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details. ``` This...
External document references are used for dependencies which have SPDX document as a repository artifact. XML formatted documents are included. However, .json files are not. This is likely due to...
For example, the generated document namespace for java-spdx-tagvalue-store version 1.6: ``` http://spdx.org/documents/java-spdx-tagvalue-store-%7B$version%7D ``` It should be: ``` http://spdx.org/documents/java-spdx-tagvalue-store-1.1.7 ```
Add configuration parameters to implement annotations and relationship for default file and file path specific information - updates to class SpdxFileCollector