search

tern-tools / tern

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
BSD 2-Clause "Simplified" License
960 stars 188 forks source link

Invalid SPDXID #1143 #1148

Closed vargenau closed 2 years ago

vargenau commented 2 years ago

This commit fixes issue #1143 "Invalid SPDXID".

An SPDXID cannot contain an underscore. The underscore is replaced by a dash.

rnjudge commented 2 years ago

Hi @vargenau Same comment as your other PR - there's some other commits attached to this but the code change is good. Do you want me to take this over and get it merged?

vargenau commented 2 years ago

Hi Rose,

Yes, please merge. Sorry about the multiple commits.

rnjudge commented 2 years ago

Closing in lieu of https://github.com/tern-tools/tern/pull/1150