fix(ProtoBuf): Component.evidence optional
#534
Conversation
Signed-off-by: Jan Kowalleck <[email protected]>
|
May I ask you for a review? Would you consider this a breaking change? I've read https://protobuf.dev/programming-guides/dos-donts/#repeated-to-scalarin that subject matter. |
There was a problem hiding this comment.
For protobufs with a single evidence entry, it would be compatible, compare also:
https://protobuf.dev/programming-guides/proto3/#updating
However, for protobufs with multiple evidence entries, the merging of the elements will lead to a different behavior than what is specified in the comment (namely ignoring all but the first entry).
Thus, I tend to think it would be a breaking change.
|
Sorry for the confusion.
The current comment was a proposed fix for #422.
The 1.6.0 diff would be the following: 1.6...jkowalleck:fork_CycloneDX-specification:fix/protobuuf-component-evidence-optional#diff-31a634760e9b4432c392ead00601567422a8cc12ac462dead1a7f7ab9fa90fdb |
|
May I ask you for a review? |
| @@ -133,8 +133,8 @@ message Component { | |||
| repeated Component components = 21; | |||
| // Specifies optional, custom, properties | |||
| repeated Property properties = 22; | |||
| // Specifies optional license and copyright evidence. Only the first item in the optional repeated list is to be taken into account; every other item in the list is to be ignored/omitted. | |||
There was a problem hiding this comment.
Only the first item in the optional repeated list is to be taken into account; every other item in the list is to be ignored/omitted.
this was an early idea to solve the same issue. it was never publishe / released.
therefore, it is not binding.
fixes #422
by reverting the unreleased 19a1530 & acc5f3a
as discussed here: #422 (comment)