SSB-62: NPM - As per spec @ should not be displayed for the package name

opensbom-generator / spdx-sbom-generator

Support CI generation of SBOMs via golang tooling.

396 stars 109 forks source link

SSB-62: NPM - As per spec @ should not be displayed for the package name #84

Closed rynofinn closed 3 years ago

rynofinn commented 3 years ago

Original Reporter: nvelagapudi Environment: Not Specified Version: Not Specified Migrated From: http://jira.linuxfoundation.org/browse/SSB-62

spdx-sbom-generator tool version v0.0.3Test Repos that I used for testinghttps://github.com/node-red/node-redObserved that @ is displayed for package name. As per spec it should not be displayedSPDX file (PFA file for reference)Spechttps://confluence.linuxfoundation.org/display/PROD/Nodejs+-+Yarn+and+NPM

niruautomation commented 3 years ago

Verified and closed in JIRA and hence closing the ticket