Closed andreas-hilti closed 2 months ago
@jkowalleck While working on this, I noticed that the SPDX License Expression has a bom-ref in JSON: https://github.com/CycloneDX/specification/blob/f18b992f8523728c17318a488dd716e5c677ae4c/schema/bom-1.6.schema.json#L1470-L1498 and in xml: https://github.com/CycloneDX/specification/blob/f18b992f8523728c17318a488dd716e5c677ae4c/schema/bom-1.6.xsd#L2259-L2289 but not in protobuf: https://github.com/CycloneDX/specification/blob/f18b992f8523728c17318a488dd716e5c677ae4c/schema/bom-1.6.proto#L368-L376 I guess this is not intended, right?
@jkowalleck While working on this, I noticed that the SPDX License Expression has a bom-ref in JSON: https://github.com/CycloneDX/specification/blob/f18b992f8523728c17318a488dd716e5c677ae4c/schema/bom-1.6.schema.json#L1470-L1498 and in xml: https://github.com/CycloneDX/specification/blob/f18b992f8523728c17318a488dd716e5c677ae4c/schema/bom-1.6.xsd#L2259-L2289 but not in protobuf: https://github.com/CycloneDX/specification/blob/f18b992f8523728c17318a488dd716e5c677ae4c/schema/bom-1.6.proto#L368-L376 I guess this is not intended, right?