Closed nishakm closed 3 years ago
We've tried to use pURL style URLs for container images as proposed in the 2.2 spec: https://spdx.github.io/spdx-spec/appendix-VI-external-repository-identifiers/
But we get an error:
Analysis exception processing SPDX file: Invalid download location pattern pkg:docker/photon@sha256:fbdae32f534858727fa855af8d548dfa5d98872ef81f466790f7c302a46e8384. Must match the pattern ^(NONE|NOASSERTION|(((git|hg|svn|bzr)\+)? (http:\/\/www\.|https:\/\/www\.|http:\/\/|https:\/\/|ssh:\/\/|git:\/\/|svn:\/\ /|sftp:\/\/|ftp:\/\/)?[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,5}(:[0-9]{ 1,5})?(\/.*))|(git\+git@[a-zA-Z0-9\.]+:[a-zA-Z0-9]+)| (bzr\+lp:[a-zA-Z0-9\.]+))$
cc @rnjudge
This can be marked as dupe of https://github.com/spdx/tools/issues/265 :)
Closing as a dup of #265
We've tried to use pURL style URLs for container images as proposed in the 2.2 spec: https://spdx.github.io/spdx-spec/appendix-VI-external-repository-identifiers/
But we get an error:
cc @rnjudge