Skip to content

In an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location #47408

New issue
New issue
Closed
Closed
In an uber war, value of the Sbom-Location manifest attribute does not match the SBOM's actual location#47408
Assignees
wilkinsonamhalbritter
Labels
type: bugA general bug
Milestone
3.4.11
@wilkinsona

Description

@wilkinsona
wilkinsona
opened on Oct 6, 2025

The manifest states that the Sbom-Location is META-INF/sbom/application.cdx.json but the SBOM's actual location is WEB-INF/classes/META-INF/sbom/application.cdx.json.

For reference, in the uber jar case both are META-INF/sbom/application.cdx.json.

Metadata

Metadata

Assignees

Labels

type: bugA general bug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions