Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: SPDX license instead of expression #378

Closed
jkowalleck opened this issue Jun 24, 2022 Discussed in #377 · 5 comments · Fixed by #610
Closed

feat: SPDX license instead of expression #378

jkowalleck opened this issue Jun 24, 2022 Discussed in #377 · 5 comments · Fixed by #610
Assignees
@jkowalleck
Labels
enhancement New feature or request
Milestone
4.0.0

Comments

@jkowalleck
Copy link
Member

jkowalleck commented Jun 24, 2022
edited
Loading

BASED ON Discussed in #377

have a feature switch, that causes the output to change in behaviour:

instead of

<?xml version="1.0" encoding="UTF-8"?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.4"
     serialNumber="urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79"
     version="1">
    <components>
        <component type="library">
            <group>org.acme</group>
            <name>card-verifier</name>
            <version>1.0.2</version>
            <licenses>
                <expression>(Apache-2.0 OR MIT)</expression>
            </licenses>
        </component>
    </components>
</bom>

the output should look like this:

<?xml version="1.0" encoding="UTF-8"?>
<bom xmlns="http://cyclonedx.org/schema/bom/1.4"
     serialNumber="urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79"
     version="1">
    <components>
        <component type="library">
            <group>org.acme</group>
            <name>card-verifier</name>
            <version>1.0.2</version>
            <licenses>
                <license>
                    <id>Apache-2.0</id>
                </license>
                <license>
                    <id>MIT</id>
                </license>
            </licenses>
        </component>
    </components>
</bom>
@jkowalleck jkowalleck changed the title SPDX license instead of expression feat: SPDX license instead of expression Jun 24, 2022
@jkowalleck jkowalleck added the enhancement New feature or request label Jun 24, 2022
@madpah
Copy link
Collaborator

madpah commented Jun 27, 2022

Duplicates #354

@Jonas-vdb Jonas-vdb mentioned this issue Sep 8, 2022
Closed
@jkowalleck
Copy link
Member Author

jkowalleck commented Sep 12, 2022
edited
Loading

discussed the topic with @madpah , and we think we will prefer ad different solution:
we will take the opportunity and create a factory in the cyclonedx-python-lib via CycloneDX/cyclonedx-python-lib#304
that accepts any string and will create the fitting license model from it - an expression, a named, or an SPDX one.

@jkowalleck jkowalleck mentioned this issue Sep 12, 2022
Closed
@jkowalleck
Copy link
Member Author

might be closed via #417

@jkowalleck jkowalleck added the help wanted Extra attention is needed label Dec 11, 2022
@jkowalleck jkowalleck removed the help wanted Extra attention is needed label Nov 14, 2023
@jkowalleck jkowalleck self-assigned this Nov 14, 2023
@jkowalleck jkowalleck added this to the 4.0.0 milestone Nov 14, 2023
@jkowalleck jkowalleck linked a pull request Nov 14, 2023 that will close this issue
feat!: rewrite CLI and parsers #610
Merged
42 tasks
@jkowalleck jkowalleck mentioned this issue Dec 25, 2023
Merged
@jkowalleck
Copy link
Member Author

fixed by #605

@jkowalleck
Copy link
Member Author

This feature will be part of the next/upcoming major release.
Changelog: see #605
Install via: pip install cyclonedx-bom==4.0.0rc1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jkowalleck jkowalleck

Labels
enhancement New feature or request
Projects
None yet
Milestone
4.0.0
2 participants
@jkowalleck @madpah