python / release-tools

Scripts for making (C)Python releases

Bug: Problem validating Python SPDX SBOM #197

Open rjb4standards opened 2 days ago

rjb4standards commented 2 days ago

Describe the bug

Validation error reported from the SPDX online validator

https://www.python.org/ftp/python/3.12.2/Python-3.12.2.tgz.spdx.json

Analysis exception processing SPDX file: Duplicate SPDX ID: SPDXRef-FILE-Lib-collections-abc.py

Using the SPDX Online validator URL: https://tools.spdx.org/app/validate/

Thanks, Dick Brooks

To Reproduce

Go to https://tools.spdx.org/app/validate/. Upload the Python JSON SBOM file and press the validate button.

https://www.python.org/ftp/python/3.12.2/Python-3.12.2.tgz.spdx.json

Expected behavior

Successful validation

URL to the issue

No response

Browsers

Firefox

Operating System

Windows

Browser Version

No response

Relevant log output

No response

Additional context

No response

ned-deily commented 2 days ago

Thanks for the report. While Python 3.12.2 is now obsolete, the same result is observed with the current 3.12.7 and 3.13.0 releases. Moving to the release-tools issue trackers. @sethmlarson?
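
The "Duplicate SPDX ID" condition reported in this issue can also be checked locally before an SBOM is published. The following is an added example, not part of the thread and not release-tools code: it scans the `SPDXID` fields of an SPDX 2.x JSON document and lists the elements that share one. The function name and the sample document are constructed for illustration.

```python
import json
import sys
from collections import defaultdict

# SPDX 2.x JSON sections whose elements each carry an "SPDXID" field.
ELEMENT_SECTIONS = ("packages", "files", "snippets")


def find_duplicate_spdx_ids(doc):
    """Return {SPDXID: [element labels]} for every ID used more than once."""
    seen = defaultdict(list)
    # The document itself has an ID (normally SPDXRef-DOCUMENT).
    if "SPDXID" in doc:
        seen[doc["SPDXID"]].append("document")
    for section in ELEMENT_SECTIONS:
        for index, element in enumerate(doc.get(section, [])):
            spdx_id = element.get("SPDXID")
            if spdx_id is None:
                continue
            # Prefer a human-readable label so the colliding entries can be found.
            label = element.get("fileName") or element.get("name") or f"#{index}"
            seen[spdx_id].append(f"{section}: {label}")
    return {i: users for i, users in seen.items() if len(users) > 1}


# Constructed sample (not taken from the Python SBOM): two file entries share an ID.
SAMPLE = json.loads("""
{
  "spdxVersion": "SPDX-2.3",
  "SPDXID": "SPDXRef-DOCUMENT",
  "packages": [{"SPDXID": "SPDXRef-PACKAGE-example", "name": "example"}],
  "files": [
    {"SPDXID": "SPDXRef-FILE-pkg-mod.py", "fileName": "./pkg/mod.py"},
    {"SPDXID": "SPDXRef-FILE-pkg-mod.py", "fileName": "./pkg_mod.py"},
    {"SPDXID": "SPDXRef-FILE-setup.py", "fileName": "./setup.py"}
  ]
}
""")

if __name__ == "__main__":
    # With a path argument, check that file; otherwise check the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as handle:
            document = json.load(handle)
    else:
        document = SAMPLE
    duplicates = find_duplicate_spdx_ids(document)
    for spdx_id, users in sorted(duplicates.items()):
        print(f"Duplicate SPDX ID: {spdx_id} <- {', '.join(users)}")
    sys.exit(1 if duplicates else 0)
```

Run against a downloaded `.spdx.json` file, the non-zero exit status makes this usable as a release-pipeline gate.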