Marc-Etienne Vargenau
Marc-Etienne Vargenau
> @vargenau v0.2.0 has been released please give it a shot. Yes, I have seen it. I will check. Thank you for the improvement.
Yes, I still have the issue. ``` pyspdxtools -i OPENSSL-zlib.spdx.json ERROR:root:The document is invalid. The following issues have been found: Unrecognized license reference: zlib. license_expression must only use IDs from...
@mjherzog What are the other use cases? Which CISA SBOM Type should be selected in these cases?
This seems to be a duplicate of https://github.com/aboutcode-org/scancode-toolkit/issues/3539
Thank you very much @goneall for your answer. I have created a pull request https://github.com/spdx/tools-java/pull/171 to add it to the README file.
The conversion works, but I have many warnings. ``` [main] WARN org.spdx.library.model.v2.SpdxElement - No creation info for document Optional[hello] [main] WARN org.spdx.storage.listedlicense.SpdxListedLicenseModelStore - SPDX listed license URL was used instead...
Hi @goneall Thank you for having a look at my warnings. Input file is here: https://github.com/OpenChain-Project/Telco-WG/blob/main/tools/openchain_telco_sbom_validator/open-source-compliance-artifacts/openchain-telco-sbom-validator-0.1.6.spdx
Thank you @goneall
Hi @goneall Best wishes for the new year! I still have some warnings: ``` janv. 06, 2025 10:42:53 AM net.jimblackler.jsonschemafriend.Schema AVERTISSEMENT: No match for #/$defs/ElementCollection janv. 06, 2025 10:42:53 AM...
Thank you @goneall I will check in the next release.