Open rynofinn opened 3 years ago
@khalifapro I cloned the code from master on 14-06-2021, build the tool and verified the ticket.
Observed that warning is still displayed bom-npm.spdx.txt
This is a not standard from node-red as they use GitHub commit as version for jsdoc-nr-template package, it is an edge case how should we handle it ? should we keep package version empty ? @niravpatel27
Observed that observed that warning message is displayed when SPDX file validated in the SPDX validator Tool Version I cloned the code from master on 25-06-2021, build the tool OS Windows 10 NPM
YARN
@niruautomation @niravpatel27 we still have the old warning because of package version is referring to GitHub commit.
Original Reporter: nvelagapudi Environment: Not Specified Version: Not Specified Migrated From: http://jira.linuxfoundation.org/browse/SSB-58
spdx-sbom-generator tool version v0.0.3Test Repos that I used for testinghttps://github.com/gothinkster/node-express-realworld-example-apphttps://github.com/node-red/node-redGenerate the SPDX file for the reposValidate the files in https://tools.spdx.org/app/validate/Observed that validation failed. PFA SPDX files for reference