Incorrect conversion for FileCopyrightText

[vargenau]

I have a tag-value SPDX file that contains:

PackageCopyrightText: NOASSERTION

for one package and

PackageCopyrightText: NONE

for another.

After converting the file to JSON then to tag-value, I get the following:

PackageCopyrightText: <text>NOASSERTION</text>

and

PackageCopyrightText: <text>NONE</text>

[goneall]

@vargenau Can you upload the tag/value file that reproduces this problem?

This sounds like a pretty serious issue if it is assigning the copyright text to the incorrect packages.

[vargenau]

copyright-converted.spdx.txt copyright.spdx.txt copyright.json.txt

[vargenau]

copyright.spdx.txt --> copyright.json.txt --> copyright-converted.spdx.txt

[goneall]

Ahh - It looks like it is converting the field to a text value in the tag/value parser. We'll need to special case these values when serializing SpdxCopyrightText.

Moving this over to the tag/value parser library where this issue originates.

[vargenau]

I still see the issue in the online tool. Probably the new code has not been deployed.

[goneall]

This should have been deployed - I'll re-open this issue and see if I can find out what happened.

[goneall]

@vargenau I just tried this out on the online tools and it seems to work.

Attached is an archive with 3 files I used in the test:

• SPDXTagExample-v2.3.spdx - the input file with a PackageCopyrightText of NOASSERTION
• test.json - intermediate JSON test file converted from the SPDXTagExample-v2.3.spdx file
• output.spdx - final output file from converting test.json to tag/value

The output.spdx file seems to have the correct value.

If you have a test file that duplicates the issue, please upload and I'll look into it further test-files.zip .

[goneall]

@vargenau You can also check the version of the online tools in the about tab at the bottom of the page. It should read:

Spdx online tools version : 1.0.7
Java Tools version : 1.1.0

[vargenau]

@goneall Conversion is done at https://tools.spdx.org/app/convert/

I have: Spdx online tools version : 1.0.7 Java Tools version : 1.1.0

File is taken from https://github.com/spdx/spdx-examples.git in example3/spdx

example3-src.spdx.txt example3-src.spdx.json.txt example3-src-from-json.spdx.txt

[goneall]

Thanks @vargenau for the additional info.

I now see the issue. I fixed the packageCopyrightText, but the fileCopyrightText is still an issue.

If you agree, I'll rename this issue and resolve it in a future release.

[vargenau]

@goneall That is fine for me.

[goneall]

I think this is finally fixed with PR #25

I'll close this issue, but it will likely be a few weeks before the next online tools update.