Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: fix examples for versionRange according to VERS spec #415

Merged
merged 1 commit into from
Mar 25, 2024
Merged

docs: fix examples for versionRange according to VERS spec #415

merged 1 commit into from
Mar 25, 2024

Conversation

jkowalleck
Copy link
Member

@jkowalleck
docs: fix examples for versionRange according to VERS spec
7325eb1 
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
@jkowalleck jkowalleck added this to the 1.6 milestone Mar 25, 2024
@jkowalleck jkowalleck requested a review from a team as a code owner March 25, 2024 12:05
@jkowalleck jkowalleck requested a review from prabhu March 25, 2024 12:05
@jkowalleck jkowalleck mentioned this pull request Mar 25, 2024
Merged
prabhu
prabhu reviewed Mar 25, 2024
View reviewed changes
schema/bom-1.6.xsd
- "vers:cargo/9.0.14"
- "vers:npm/1.2.3|>=2.0.0|<5.0.0"
- "vers:pypi/0.0.0|0.0.1|0.0.2|0.0.3|1.0|2.0pre1"
- "vers:tomee/>=1.0.0-beta1|<=1.7.5|>=7.0.0-M1|<=7.0.7|>=7.1.0|<=7.1.2|>=8.0.0-M1|<=8.0.1"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the vers to be correct, the ranges must also be normalized as explained here. For instance, let's take an incorrectly normalized vers where <=8.0.1 is at the front.

vers:tomee/<=8.0.1|>=1.0.0-beta1|<=1.7.5|>=7.0.0-M1|<=7.0.7|>=7.1.0|<=7.1.2|>=8.0.0-M1

This would unfortunately match more versions than necessary. For now, we perhaps only add a warning since the intention here is to capture the range and not to use it for validation.

stevespringett
stevespringett approved these changes Mar 25, 2024
View reviewed changes
schema/bom-1.6.schema.json Show resolved Hide resolved
@stevespringett stevespringett merged commit 22299d0 into CycloneDX:1.6-dev Mar 25, 2024
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@prabhu prabhu prabhu left review comments

@stevespringett stevespringett stevespringett approved these changes

Assignees
No one assigned
Labels
defect documentation
Projects
None yet
Milestone
1.6
Development

Successfully merging this pull request may close these issues.
3 participants
@jkowalleck @prabhu @stevespringett