opensbom-generator / spdx-sbom-generator

Support CI generation of SBOMs via golang tooling.

contribute local changes to upstream #297

Closed Hashawaji closed 1 year ago

Hashawaji commented 1 year ago

I used this repository to generate SBOMs for my organization. I faced some issues, for which I made some fixes in my fork. This PR contains those changes to contribute to upstream.

pkg/format/format.go: This change adds license information for packages. Related issue: https://github.com/opensbom-generator/spdx-sbom-generator/issues/145

pkg/modules/npm/handler.go: These changes were added to support package-lock v2 files. Related issue: https://github.com/opensbom-generator/spdx-sbom-generator/issues/231

Signed-off-by: Hashim Javed hashawaji@gmail.com

Hashawaji commented 1 year ago

@nishakm Please have a look, and do let me know if there is a community meeting tomorrow. I would love to participate and discuss these changes.

ba11b0y commented 1 year ago

Hey! @Hashawaji We're trying to do a complete refactor of the sbom generator project. In the proposed refactor we're trying to use the parsers project and the tools-golang combined.

This PR houses the refactor as of now. Maybe you can try generating the SBOM using the PR, and if you still face the same issue you can send in a PR to the npm parser, since eventually we'll end up using that.