
feat!: don't "fix" licenses if not needed. #995

@jkowalleck

Description

currently, we "fix" licenses

"""
Per CycloneDX spec, there must be EITHER one license expression OR multiple license id/name.
If there is an expression, it is used and everything else is moved to evidences, so it is not lost.
"""
# hack for preventing expressions AND named licenses.
# see https://github.com/CycloneDX/cyclonedx-python/issues/826
# see https://github.com/CycloneDX/specification/issues/454

see

```python
# ComponentEvidence comes from cyclonedx-python-lib; find_LicenseExpression is a
# helper defined alongside this function in the same project module.
from cyclonedx.model.component import ComponentEvidence


def licenses_fixup(component: 'Component') -> None:
    """
    Per CycloneDX spec, there must be EITHER one license expression OR multiple license id/name.
    If there is an expression, it is used and everything else is moved to evidences, so it is not lost.
    """
    # hack for preventing expressions AND named licenses.
    # see https://github.com/CycloneDX/cyclonedx-python/issues/826
    # see https://github.com/CycloneDX/specification/issues/454
    licenses = list(component.licenses)
    lexp = find_LicenseExpression(licenses)
    if lexp is None:
        return
    component.licenses = (lexp,)
    licenses.remove(lexp)
    if len(licenses) > 0:
        if component.evidence is None:
            component.evidence = ComponentEvidence()
        component.evidence.licenses.update(licenses)
```

this is no longer needed since CycloneDX 1.7

feature request: don't "fix" licenses if not needed.

this might be considered a breaking change, since the output result might be different.
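The following is an added illustration of the requested behaviour, not code from the cyclonedx-python project: the same expression-vs-named-license workaround, gated on the target schema version so that it is skipped from CycloneDX 1.7 on (the threshold stated in this issue). The `Component`, `ComponentEvidence`, `LicenseExpression`, `DisjunctiveLicense` and `SchemaVersion` classes below are minimal stand-ins written for this example, and the sample component is constructed; the library's real model classes have more fields.

```python
from dataclasses import dataclass, field
from typing import Iterable, Optional, Set, Tuple, Union


# Constructed stand-ins for the CycloneDX model classes (not the library's own).
@dataclass(frozen=True)
class LicenseExpression:
    value: str  # SPDX expression, e.g. "MIT OR Apache-2.0"


@dataclass(frozen=True)
class DisjunctiveLicense:
    id: Optional[str] = None    # SPDX license id, e.g. "MIT"
    name: Optional[str] = None  # free-form name when no SPDX id applies


License = Union[LicenseExpression, DisjunctiveLicense]


@dataclass
class ComponentEvidence:
    licenses: Set[License] = field(default_factory=set)


@dataclass
class Component:
    name: str
    licenses: Tuple[License, ...] = ()
    evidence: Optional[ComponentEvidence] = None


@dataclass(frozen=True, order=True)
class SchemaVersion:
    major: int
    minor: int


# Assumed threshold, taken from the issue text: from CycloneDX 1.7 on a
# component may carry an expression alongside named licenses.
EXPRESSION_AND_NAMED_ALLOWED_FROM = SchemaVersion(1, 7)


def find_license_expression(licenses: Iterable[License]) -> Optional[LicenseExpression]:
    """Return the first license expression in the collection, if any."""
    for lic in licenses:
        if isinstance(lic, LicenseExpression):
            return lic
    return None


def licenses_fixup(component: Component, target: SchemaVersion) -> bool:
    """Apply the expression-vs-named-license workaround only when the target
    schema still forbids mixing them. Returns True if the component changed."""
    if target >= EXPRESSION_AND_NAMED_ALLOWED_FROM:
        return False  # spec permits both: emit the data exactly as collected
    licenses = list(component.licenses)
    lexp = find_license_expression(licenses)
    if lexp is None:
        return False  # only named licenses present: nothing to reconcile
    component.licenses = (lexp,)
    licenses.remove(lexp)
    if licenses:
        # Keep the named licenses as evidence so no provenance data is lost.
        if component.evidence is None:
            component.evidence = ComponentEvidence()
        component.evidence.licenses.update(licenses)
    return True


def make_component() -> Component:
    """Constructed sample: a component declaring both an expression and named licenses."""
    return Component(
        name="example-lib",
        licenses=(
            DisjunctiveLicense(id="MIT"),
            LicenseExpression("MIT OR Apache-2.0"),
            DisjunctiveLicense(name="Vendor Custom License"),
        ),
    )


def demo(target: SchemaVersion) -> Tuple[bool, Component]:
    """Run the fixup against a fresh sample component for the given target schema."""
    component = make_component()
    changed = licenses_fixup(component, target)
    return changed, component


if __name__ == "__main__":
    for version in (SchemaVersion(1, 6), SchemaVersion(1, 7)):
        changed, c = demo(version)
        evidence = sorted(repr(l) for l in c.evidence.licenses) if c.evidence else []
        print(f"target {version.major}.{version.minor}: changed={changed} "
              f"licenses={c.licenses} evidence={evidence}")
```

Running the block shows the 1.6 target collapsing the licenses to the single expression and parking the two named licenses under evidence, while the 1.7 target leaves all three licenses in place and creates no evidence entry at all, which is the output difference that makes this a breaking change for consumers diffing SBOMs across versions.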
