Closed ndjensen closed 1 year ago
Great bug report. Thanks. Turns out parser was looking for files that end in .jar, war, ear, and zip. Notice the "." was left off war, ear, and zip. So your test jar file happens to have a jarentry that is simple named gzip. So the parser blew up. Your sbom should be fine. But it's fixed now anyway. Will pick this up in next release.
Closed
jbom version: 1.2.1 Java version: OpenJDK 11
When I run jbom against a lib directory of dependencies, it logs a StringIndexOutOfBoundsException against the camel-base-engine jar.
The sbom entry appears to generate successfully for that jar so this would be a very low priority to fix. I looked at the jar and don't see what's different about it than other jars, but I did not debug into jbom to understand the error deeper. To repeat the issue, you can download the offending jar here and run jbom with the -d directory argument: https://mvnrepository.com/artifact/org.apache.camel/camel-base-engine/3.14.1