Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: emit NOASSERTION for copyright text to fix SPDX 2.2 validation failure #3495

Merged
merged 6 commits into from
Dec 4, 2024
Merged

fix: emit NOASSERTION for copyright text to fix SPDX 2.2 validation failure #3495

merged 6 commits into from
Dec 4, 2024

Conversation

spiffcs
Copy link
Contributor

@spiffcs spiffcs commented Dec 3, 2024
edited
Loading

Description

@Fearkin I could not push to your branch since it was on main of your fork. I've pushed a commit, checked out a local branch, and kept your commits so you still get the contribution credit.

  • Adds FileCopyrightText to SPDX formats

Fixes #3346

Type of change

  • Bug fix (non-breaking change which fixes an issue)

Checklist:

  • I have added unit tests that cover changed behavior
  • I have tested my code in common scenarios and confirmed there are no regressions
  • I have added comments to my code, particularly in hard-to-understand sections

@github-actions github-actions bot added the json-schema Changes the json schema label Dec 3, 2024
@spiffcs spiffcs mentioned this pull request Dec 3, 2024
Closed
4 tasks
@spiffcs spiffcs requested a review from a team December 3, 2024 16:54
@spiffcs
chore: revert schema changes
76f5877 
Signed-off-by: Christopher Phillips <[email protected]>
@github-actions github-actions bot removed the json-schema Changes the json schema label Dec 4, 2024
@willmurphyscode
Copy link
Contributor

I plan to add a test that would have caught this on [email protected] output and then get it merged.

@willmurphyscode willmurphyscode self-assigned this Dec 4, 2024
@willmurphyscode
Copy link
Contributor

Tests added and snapshots updated. This is ready for re-review.

@willmurphyscode willmurphyscode changed the title 3346 spdx copyright text fix: emit NOASSERTION for copyright text to fix SPDX 2.2 validation failure Dec 4, 2024
wagoodman
wagoodman reviewed Dec 4, 2024
View reviewed changes
syft/format/internal/testutil/test-fixtures/snapshot/stereoscope-fixture-image-simple.golden
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: just a heads up for the future... there are two things that can be updated:

https://github.com/anchore/syft/blob/main/syft/format/spdxjson/encoder_test.go#L20-L21

I think the image did not need to be updated (and rarely needs to be), only the snapshots needed to be updated.

@willmurphyscode willmurphyscode merged commit 4819023 into main Dec 4, 2024
12 checks passed
@willmurphyscode willmurphyscode deleted the 3346-spdx-copyright-text branch December 4, 2024 19:58
spiffcs added a commit that referenced this pull request Dec 9, 2024
@spiffcs
Merge branch 'spdx-absolute-path-file' of https://github.com/anchore/…
14901bd 
…syft into spdx-absolute-path-file

* 'spdx-absolute-path-file' of https://github.com/anchore/syft:
  chore(deps): update CPE dictionary index (#3507)
  chore(deps): update tools to latest versions (#3506)
  chore(deps): bump github.com/magiconair/properties from 1.8.7 to 1.8.9 (#3508)
  chore(deps): bump actions/cache from 4.1.2 to 4.2.0 (#3503)
  Add relationships for rust audit binary packages (#3500)
  fix order of rust dependencies and support git sources in Cargo.lock dependencies (#3502)
  chore(deps): update tools to latest versions (#3501)
  chore(deps): bump golang.org/x/net from 0.31.0 to 0.32.0 (#3499)
  chore: add and document target for updating unit snapshots (#3498)
  fix: emit NOASSERTION for copyright text to fix SPDX 2.2 validation failure (#3495)
@BrewTestBot BrewTestBot mentioned this pull request Dec 9, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@willmurphyscode willmurphyscode willmurphyscode left review comments

@wagoodman wagoodman wagoodman approved these changes

Assignees

@willmurphyscode willmurphyscode

Labels
None yet
Projects
OSS
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Invalid SPDX: missing copyright text
4 participants
@spiffcs @willmurphyscode @wagoodman @Fearkin