Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Filename validation happens with default schema #150

Closed
mmarseu opened this issue Apr 9, 2024 · 2 comments · Fixed by #167
Closed

Filename validation happens with default schema #150

mmarseu opened this issue Apr 9, 2024 · 2 comments · Fixed by #167
Assignees
@mmarseu

Comments

@mmarseu
Copy link
Collaborator

mmarseu commented Apr 9, 2024

Is it intentional behavior that the validate command validates the filename even when using the default schema? It seems counterintuitive, since this is a very special requirement that we probably shouldn't impose on every user of the tool.

I know filename validation can be "disabled" manually in a sense by providing a catch-all regex (i.e., .*) to the --filename-pattern option but IMO the default behavior should be either:

  • no validation at all, since the CycloneDX standard doesn't require any particular filename
  • or a warning (no error) if the filename doesn't match what CycloneDX recommends (i.e., bom.json or *.cdx.json), with an option to disable (e.g., --no-filename)
mmarseu added a commit that referenced this issue Apr 11, 2024
@mmarseu
tests: Add integration tests
204605c 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
mmarseu added a commit that referenced this issue Apr 11, 2024
@mmarseu
tests: Add integration tests
17f7743 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
@mmarseu mmarseu mentioned this issue Apr 11, 2024
Draft
5 tasks
@italvi
Copy link
Collaborator

italvi commented Apr 15, 2024

I know, it is only a recommendation, but we do allow bom.json per default and imho we should at least try to set a standard.

However, your second suggestion works for me as well, as always using bom.json is ambiguous.

@mmarseu mmarseu self-assigned this Apr 22, 2024
@mmarseu
Copy link
Collaborator Author

mmarseu commented Apr 22, 2024

However, your second suggestion works for me as well, as always using bom.json is ambiguous.

Alright, I'll take care of it.

@mmarseu mmarseu linked a pull request Apr 24, 2024 that will close this issue
fix: Disable strict filename validation for default schema #167
Merged
mmarseu added a commit that referenced this issue May 23, 2024
@mmarseu
tests: Add integration tests
c13c1dd 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
mmarseu added a commit that referenced this issue May 28, 2024
@mmarseu
tests: Add integration tests
c1cfb84 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
mmarseu added a commit that referenced this issue Jun 20, 2024
@mmarseu
tests: Add integration tests
c6b0fdc 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
mmarseu added a commit that referenced this issue Jul 2, 2024
@mmarseu
tests: Add integration tests
bc5ec24 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
mmarseu added a commit that referenced this issue Jul 2, 2024
@mmarseu
tests: Add integration tests
9554c43 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
mmarseu added a commit that referenced this issue Jul 4, 2024
@mmarseu
tests: Add integration tests
99275cb 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
mmarseu added a commit that referenced this issue Jul 10, 2024
@mmarseu
tests: Add integration tests
0916462 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
mmarseu added a commit that referenced this issue Jul 10, 2024
@mmarseu
tests: Add integration tests
62c6903 
Add integration tests for all commands except merge-vex.
merge-vex will be added once issue #156 has been answered.

Some tests fail due to open issues:

- #154 makes TestBuildPublic fail
- #150 makes TestValidate fail
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mmarseu mmarseu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Disable strict filename validation for default schema Festo-se/cyclonedx-editor-validator
2 participants
@mmarseu @italvi