loosebazooka
commented
9 months ago @AlexanderYukhanov @mathjeff @sgjesse @Badya @eygraber
Open loosebazooka opened 9 months ago
loosebazooka
commented
9 months ago @AlexanderYukhanov @mathjeff @sgjesse @Badya @eygraber
eygraber
commented
9 months ago Other than https://github.com/spdx/spdx-gradle-plugin/pull/82 it looks good for me
Badya
commented
9 months ago This plugin still doesn’t fully support the big multimodule/multiplatfrom projects like kotlin which contain a lot of custom tweaks inside.
Why hurry to stabilize the API and lose the flexibility?
loosebazooka
commented
9 months ago I think a 1.0 lets people integrate it into their builds with a little confidence that we're not gonna break them on every update. We can maybe wait a little while we figure out what's affecting the kotlin build. While I think kotlin multi platform is a known issue that needs to be addressed, that seems like something that would be an implementation detail rather than a breaking change?
eygraber
commented
9 months ago While working on https://github.com/spdx/spdx-gradle-plugin/issues/79 it seemed like there might be breaking changes needed for better Android support, specifically around variant support.
It's not technically needed because the consumer can handle it on their side, but it could get tricky in some cases. Most if not all plugins I use support it.
sgjesse
commented
9 months ago Everything is working for the R8 project. Use of version 0.4.0 landed in https://r8.googlesource.com/r8/+/50a858ae98071fbf211bde328123371da0b83303 replacing our previously patched version.
So I think we're mostly feature complete (there are some android project issues... but we can fix that later)
Before I cut a
1.0.0, I'd like some sign offs from our main users that the latest 0.5.0 is working to acceptably produce sboms.A 1.0.0 release will formalize some things
If we want to make any big changes, we should make them now.