pom.xml scm url URI is invalid #1131

Closed
rpoet-jh opened this issue Nov 21, 2024 · 2 comments

@rpoet-jh

The pom value for scm:url is currently https://github.com:networknt/json-schema-validator.git. I think it should be https://github.com/networknt/json-schema-validator.git (/ instead of : after github.com). Probably check the scm:connection and scm:developerConnection as well.

I came across this when validating an SBOM that has json-schema-validator as a dependency; validation was failing on the vcs:url.

@stevehu
Contributor

stevehu commented Nov 22, 2024

This is very interesting. I am using the current format for all the repos, and there is no issue at all. Here is the result of scm:validate.

[INFO] connectionUrl scm connection string is valid.
[INFO] project.scm.connection scm connection string is valid.
[INFO] project.scm.developerConnection scm connection string is valid.

@rpoet-jh
Author

Thanks for the quick reply. I'm assuming the validation that ran was using the Maven pom https://maven.apache.org/xsd/maven-4.0.0.xsd schema. I see the type is xs:string for Scm::url, so I'm guessing it would pass since it is not checking against any URI formatting.

I'm hitting an error with https://github.com:networknt/json-schema-validator.git when validating a CycloneDX SBOM using sbom-utility. For json-schema-validator, it creates the following in the externalReferences attribute:

"type" : "vcs",
"url" : "https://github.com:networknt/json-schema-validator.git"

The error message when validating the SBOM is:

"description": "Does not match format 'iri-reference'",
"value": "https://github.com:networknt/json-schema-validator.git"

Also, if you do a curl -v https://github.com:networknt/json-schema-validator.git, it returns the following error:

URL rejected: Port number was not a decimal number between 0 and 65535

Changing the URL to https://github.com/networknt/json-schema-validator.git or https://github.com:/networknt/json-schema-validator.git both work with curl and pass SBOM validation.
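
The port rule behind the curl and 'iri-reference' failures reported in this thread, as an added example that is not part of the original issue or the project's code: RFC 3986 defines the authority port as `*DIGIT`, so the text after `github.com:` must be empty or decimal. The function names are hypothetical, and the two connection values in the sample POM are constructed for illustration; only the `<url>` value comes from the issue.

```python
import re
import xml.etree.ElementTree as ET

# Constructed pom.xml fragment. <url> is the value reported in this issue;
# the two connection values are assumptions for illustration.
POM = """<project xmlns="http://maven.apache.org/POM/4.0.0"><scm>
  <url>https://github.com:networknt/json-schema-validator.git</url>
  <connection>scm:git:https://github.com/networknt/json-schema-validator.git</connection>
  <developerConnection>scm:git:git@github.com:networknt/json-schema-validator.git</developerConnection>
</scm></project>"""

NS = {"m": "http://maven.apache.org/POM/4.0.0"}
# RFC 3986 Appendix B split, reduced to scheme / authority / remainder.
URI_RE = re.compile(r"^(?:([A-Za-z][A-Za-z0-9+.-]*):)?(?://([^/?#]*))?(.*)$", re.S)
# Maven SCM prefix: scm:<provider> followed by ':' or '|'.
SCM_PREFIX = re.compile(r"^scm:[^:|]+[:|]")

def port_problem(uri):
    """Return why the authority's port is invalid, or None if it is acceptable."""
    _scheme, authority, _rest = URI_RE.match(uri).groups()
    if authority is None:
        return None  # no "//authority" part, e.g. scp-style git@host:path
    hostport = authority.rpartition("@")[2]           # drop userinfo
    if hostport.startswith("["):                      # IP-literal such as [::1]:443
        hostport = hostport.partition("]")[2]
    port = hostport.partition(":")[2]
    if port == "":
        return None  # RFC 3986: port = *DIGIT, so an empty port is allowed
    if not (port.isascii() and port.isdigit()):
        return f"port {port!r} is not a decimal number"
    if int(port) > 65535:
        return f"port {port} is outside 0-65535"
    return None

def check_scm(pom_xml):
    """Map each <scm> URL element name to its port problem (None means OK)."""
    scm = ET.fromstring(pom_xml).find("m:scm", NS)
    results = {}
    for name in ("url", "connection", "developerConnection"):
        node = scm.find(f"m:{name}", NS)
        if node is not None and node.text:
            results[name] = port_problem(SCM_PREFIX.sub("", node.text.strip()))
    return results

if __name__ == "__main__":
    for name, problem in check_scm(POM).items():
        print(f"{name}: {problem or 'ok'}")
```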
