Closed nscuro closed 1 month ago
ObjectLocator#locate does not search any objects in a given BOM, if the BOM is missing a metadata.component node:
ObjectLocator#locate
metadata.component
https://github.com/CycloneDX/cyclonedx-core-java/blob/e2f7db69fda60632ce759fbf293b8bdf3754cd91/src/main/java/org/cyclonedx/util/ObjectLocator.java#L64-L90
It should be able to search in components, services, and vulnerabilities, even when metadata.component is not set.
components
services
vulnerabilities
ObjectLocator#locate
does not search any objects in a given BOM, if the BOM is missing ametadata.component
node:https://github.com/CycloneDX/cyclonedx-core-java/blob/e2f7db69fda60632ce759fbf293b8bdf3754cd91/src/main/java/org/cyclonedx/util/ObjectLocator.java#L64-L90
It should be able to search in
components
,services
, andvulnerabilities
, even whenmetadata.component
is not set.