Java - Maven - PackageVersion field is not displayed and Version is not displayed for SPDXID for plugin when it is listed as package

opensbom-generator / spdx-sbom-generator

Support CI generation of SBOMs via golang tooling.

396 stars 109 forks source link

Java - Maven - PackageVersion field is not displayed and Version is not displayed for SPDXID for plugin when it is listed as package #130

Closed niruautomation closed 3 years ago

niruautomation commented 3 years ago

@prathapbproximabiz Tool Version Cloned code from main branch of https://github.com/spdx/spdx-sbom-generator on 11-06-2021 and built the tool Test Repo https://github.com/zxing/zxing OS Windows 10

Issue1 PackageVersion field is not displayed for plugin when it is listed as package Issue2 Version is not displayed for SPDXID for plugin when it is listed as package

SPDX file

pom.xml

niruautomation commented 3 years ago

@prathapbproximabiz Thank you for the clarification. Now I am able to understand the logic But are we supposed to skip the PackageVersion when version is missing

prathapbproximabiz commented 3 years ago

@niruautomation This issue is fixed. Will be sending PR shortly.

niruautomation commented 3 years ago

Verified that the issue is fixed bom-Java-Maven.spdx.txt