SSB-61: NPM - Version is displayed twice for SPDXID for dependencies

opensbom-generator / spdx-sbom-generator

Support CI generation of SBOMs via golang tooling.

396 stars 109 forks source link

SSB-61: NPM - Version is displayed twice for SPDXID for dependencies #85

Open rynofinn opened 3 years ago

rynofinn commented 3 years ago

Original Reporter: nvelagapudi Environment: Not Specified Version: Not Specified Migrated From: http://jira.linuxfoundation.org/browse/SSB-61

spdx-sbom-generator tool version v0.0.3Test Repos that I used for testinghttps://github.com/node-red/node-redObserved that version is displayed twice for SPDXID for dependenciesSPDX file (PFA file for reference)

niruautomation commented 3 years ago

@khalifapro I cloned the code from master on 14-06-2021, build the tool and verified the ticket. Observed that the issue is still reproducible Test Repo https://github.com/node-red/node-red