[XML] license.id and license.name are optional
#288
Comments
license.id and license.name are optionallicense.id and license.name are optional
jkowalleck
added a commit
to jkowalleck/fork_CycloneDX-specification
that referenced
this issue
Sep 2, 2023
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
|
test cases are here: #289 |
license.id and license.name are optionallicense.id and license.name are optional
license.id and license.name are optionallicense.id and license.name are optional
|
proposed solution: remove |
jkowalleck
added a commit
to jkowalleck/fork_CycloneDX-specification
that referenced
this issue
Sep 8, 2023
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Merged
Merged
|
fix here: #292 |
|
@mtsfoni this was just merged. Thanks for bringing up this topic back then. 👍 |
Merged
stevespringett
added a commit
that referenced
this issue
Apr 9, 2024
## Added * Core enhancement: Attestation ([#192](#192) via [#348](#348)) * Core enhancement: Cryptography Bill of Materials — CBOM ([#171](#171), [#291](#291) via [#347](#347)) * Feature to express the URL to source distribution ([#98](#98) via [#269](#269)) * Feature to express the URL to RFC 9116 compliant documents ([#380](#380) via [#381](#381)) * Feature to express tags/keywords for services and components (via [#383](#383)) * Feature to express details for component authors ([#335](#335) via [#379](#379)) * Feature to express details for component and BOM manufacturer ([#346](#346) via [#379](#379)) * Feature to express communicate concluded values from observed evidences ([#411](#411) via [#412](#412)) * Features to express license acknowledgement ([#407](#407) via [#408](#408)) * Feature to express environmental consideration information for model cards ([#396](#396) via [#395](#395)) * Feature to express the address of organizational entities (via [#395](#395)) * Feature to express additional component identifiers: Universal Bill Of Receipts Identifier and Software Heritage persistent IDs ([#413](#413) via [#414](#414)) ## Fixed * Allow multiple evidence identities by XML/JSON schema ([#272](#272) via [#359](#359)) This was already correct via ProtoBuff schema. * Prevent empty `license` entities by XML schema ([#288](#288) via [#292](#292)) This was already correct in JSON/ProtoBuff schema. * Prevent empty or malformed `property` entities by JSON schema ([#371](#371) via [#375](#375)) This was already correct in XML/ProtoBuff schema. * Allow multiple `licenses` in `Metadata` by ProtoBuff schema ([#264](#264) via [#401](#401)) This was already correct in XML/JSON schema. ## Changed * Allow arbitrary `$schema` values by JSON schema ([#402](#402) via [#403](#403)) * Increased max length of `versionRange` (via [`3e01ce6`](3e01ce6)) * Harmonized length of `version` (via [#417](#417)) ## Deprecated * Data model "Component"'s field `author` was deprecated. (via [#379](#379)) Use field `authors` or field `manufacturer` instead. * Data model "Metadata"'s field `manufacture` was deprecated. ([#346](#346) via [#379](#379)) Use "Metadata"'s field `component`'s field `manufacturer` instead. - for XML: `/bom/metadata/component/manufacturer` - for JSON: `$.metadata.component.manufacturer` - for ProtoBuf: `Bom:metadata.component.manufacturer` ## Documentation * Centralize version and version-range (via [#322](#322)) * Streamlined SPDX expression related descriptions (via [#327](#327)) * Enhanced descriptions of `bom-ref`/`refType` ([#336](#336) via [#344](#344)) * Enhanced readability of enum documentation in JSON schema ([#361](#361) via [#362](#362)) * Fixed typo "compliment" -> "complement" (via [#369](#369)) * Added documentation for enum "ComponentScope"'s values in JSON schema ([#293](#293) via [`d92e58e`](d92e58e)) Texts were a taken from the existing ones in XML/ProtoBuff schema. * Added documentation for enum "TaskType"'s values ([#245](#245) via [#377](#377)) * Improve documentation for data model "Metadata"'s field `licenses` ([#273](#273) via [#378](#378)) * Added documentation for enum "MachineLearningApproachType"'s values ([#351](#351) via [#416](#416)) * Rephrased some texts here and there. ## Test data * Added test data for newly added use cases * Added quality assurance for our ProtoBuf schemas ([#384](#384) via [#385](#385))
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
based on https://cyclonedx.slack.com/archives/C01HBFNCNJ1/p1693586003544379
based on #133 & #330
In XML, the
license.idANDlicense.nameare optional(minOccurs="0"), and you have to chose one optional, meaning one must be omitted by choice, and the other one is optional.specification/schema/bom-1.5.xsd
Lines 643 to 654 in c320fc0
This appears to be unintended. In contrast,
specification/schema/bom-1.5.schema.json
Lines 732 to 739 in cc15c85
specification/schema/bom-1.5.proto
Lines 340 to 345 in cc15c85
The text was updated successfully, but these errors were encountered: