.NET - NOASSERTION is displayed for PackageLicenseConcluded/PackageLicenseDeclared even if license exists for the package

opensbom-generator / spdx-sbom-generator

Support CI generation of SBOMs via golang tooling.

396 stars 109 forks source link

.NET - NOASSERTION is displayed for PackageLicenseConcluded/PackageLicenseDeclared even if license exists for the package #154

Open niruautomation opened 3 years ago

niruautomation commented 3 years ago

@proximapc Tool Version I cloned the code from master on 14-06-2021, build the tool Test Repo https://github.com/dotnet-architecture/eShopOnWeb OS Windows 10

Observed that NOASSERTION is displayed for PackageLicenseConcluded/PackageLicenseDeclared even if license exists for the package. Issue observed for all packages

Example1

prabodhcs commented 3 years ago

@niruautomation I can see we have commented the code for the below fields in the spdx generator module code ref - https://github.com/spdx/spdx-sbom-generator/pull/127/files#diff-768d2ba15583dd4ccee88ee73021ecb3e6c245ba0d4c3b92b33fe040301ac4b5L184

PackageLicenseConcluded
PackageLicenseDeclared
PackageCopyrightText