jfrog / jfrog-cli

JFrog CLI is a client that provides a simple interface that automates access to the JFrog products.
https://www.jfrog.com/confluence/display/CLI/JFrog+CLI
Apache License 2.0

Missing JFrog Licenses in SARIF format #2456

Open marcandre-larochelle-bell opened 7 months ago

marcandre-larochelle-bell commented 7 months ago

Describe the bug

None of the JFrog licenses are included in the SARIF format.

Current behavior

None of the JFrog licenses are included in the SARIF format.

Reproduction steps

  1. Create 2 reports (1 JSON and 1 SARIF)
  2. jf audit --licenses --format json > foss_result.json
  3. jf audit --licenses --format sarif > foss_result.sarif
  4. Compare the outputs of the reports

Expected behavior

The SARIF format contains the same license information as the JSON output.

JFrog CLI version

2.52.9

Operating system type and version

Docker

JFrog Artifactory version

No response

JFrog Xray version

No response
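
The comparison in step 4 of the reproduction steps can be scripted. The following is an added example, not part of the issue or of JFrog CLI: the JSON field names `license_key` and `licenseKey` are assumptions about the report layout, and the sample reports are constructed.

```python
import json
import re
import sys

# Assumed field names for a license entry in the JSON report (not stated in the issue).
LICENSE_KEY_FIELDS = ("license_key", "licenseKey")

def license_keys(node):
    """Recursively collect license identifiers from a parsed JSON report."""
    found = set()
    if isinstance(node, dict):
        for name, value in node.items():
            if name in LICENSE_KEY_FIELDS and isinstance(value, str) and value:
                found.add(value)
            else:
                found |= license_keys(value)
    elif isinstance(node, list):
        for item in node:
            found |= license_keys(item)
    return found

def sarif_text(sarif):
    """Join the text SARIF 2.1.0 carries per finding: rule ids, rule text, result messages."""
    parts = []
    for run in sarif.get("runs", []):
        for rule in run.get("tool", {}).get("driver", {}).get("rules", []):
            parts += [rule.get("id", "")] + [rule.get(f, {}).get("text", "")
                                             for f in ("shortDescription", "fullDescription", "help")]
        for result in run.get("results", []):
            parts += [result.get("ruleId", ""), result.get("message", {}).get("text", "")]
    return "\n".join(parts)

def missing_licenses(json_report, sarif_report):
    """Return license ids in the JSON report that never appear as a whole token in the SARIF
    report (whole-token matching keeps "MIT" from being satisfied by a word such as "LIMIT")."""
    haystack = sarif_text(sarif_report)
    return sorted(k for k in license_keys(json_report)
                  if not re.search(r"(?<![\w-])" + re.escape(k) + r"(?![\w-])", haystack))

# Constructed sample reports, not real jf output: two licenses in JSON, one result in SARIF.
SAMPLE_JSON = [{"licenses": [{"license_key": "MIT"}, {"license_key": "Apache-2.0"}]}]
SAMPLE_SARIF = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "constructed", "rules": [{"id": "EXAMPLE-0001"}]}},
    "results": [{"ruleId": "EXAMPLE-0001", "message": {"text": "Rate LIMIT issue under MIT license"}}]}]}

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py foss_result.json foss_result.sarif
        with open(sys.argv[1]) as j, open(sys.argv[2]) as s:
            SAMPLE_JSON, SAMPLE_SARIF = json.load(j), json.load(s)
    gone = missing_licenses(SAMPLE_JSON, SAMPLE_SARIF)
    print("\n".join(gone) or "every license in the JSON report appears in the SARIF report")
```

Run with the two report files from steps 2 and 3 as arguments; without arguments it uses the constructed samples.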

marcandre-larochelle-bell commented 7 months ago

Related to: https://github.com/jfrog/jfrog-cli/issues/2063 (open since July 2023, issue present from at least version 2.42.1)

marcandre-larochelle-bell commented 7 months ago

Based on https://github.com/jfrog/jfrog-cli/issues/2270 it seems like https://github.com/jfrog/jfrog-cli/issues/2063 has been partially addressed, but nothing regarding licenses yet.