Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: convert spdx absolute to relative #3509

Merged
merged 6 commits into from
Dec 9, 2024
Merged

feat: convert spdx absolute to relative #3509

merged 6 commits into from
Dec 9, 2024

Conversation

spiffcs
Copy link
Contributor

@spiffcs spiffcs commented Dec 9, 2024
edited
Loading

Description

@popey I branched this off of my other SPDX work going into the plug fest submissions.

This is ONLY the change for absolute --> relative paths for the spdx format model. Some of the other format validations and NTIA minimum work is still in progress.

Type of change

Bug Fix - SPDX documents were being flagged as invalid:

file name must not be an absolute path starting with "/", but is: /.github/actions/bootstrap/action.yaml
file name must not be an absolute path starting with "/", but is: /.github/workflows/benchmark-testing.yaml
file name must not be an absolute path starting with "/", but is: /.github/workflows/dependabot-automation.yaml
file name must not be an absolute path starting with "/", but is: /.github/workflows/oss-project-board-add.yaml

This change updates file paths in the format model logic to be relative to the / directory.

  • Bug fix (non-breaking change which fixes an issue)

Checklist:

  • I have added unit tests that cover changed behavior
  • I have tested my code in common scenarios and confirmed there are no regressions
  • I have added comments to my code, particularly in hard-to-understand sections

@spiffcs
feat: convert spdx absolute to relative
59b3662 
Signed-off-by: Christopher Phillips <[email protected]>
@spiffcs spiffcs force-pushed the spdx-absolute-path-file branch from 0318924 to 59b3662 Compare December 9, 2024 16:19
@spiffcs
Merge branch 'main' into spdx-absolute-path-file
b021ff5 
Signed-off-by: Christopher Angelo Phillips <[email protected]>
@spiffcs
chore: lint and error fix
1cc2248 
Signed-off-by: Christopher Phillips <[email protected]>
@spiffcs
Merge branch 'spdx-absolute-path-file' of https://github.com/anchore/…
14901bd 
…syft into spdx-absolute-path-file

* 'spdx-absolute-path-file' of https://github.com/anchore/syft:
  chore(deps): update CPE dictionary index (#3507)
  chore(deps): update tools to latest versions (#3506)
  chore(deps): bump github.com/magiconair/properties from 1.8.7 to 1.8.9 (#3508)
  chore(deps): bump actions/cache from 4.1.2 to 4.2.0 (#3503)
  Add relationships for rust audit binary packages (#3500)
  fix order of rust dependencies and support git sources in Cargo.lock dependencies (#3502)
  chore(deps): update tools to latest versions (#3501)
  chore(deps): bump golang.org/x/net from 0.31.0 to 0.32.0 (#3499)
  chore: add and document target for updating unit snapshots (#3498)
  fix: emit NOASSERTION for copyright text to fix SPDX 2.2 validation failure (#3495)
@spiffcs
chore: update golden fixtures to use relative paths
7e6a804 
Signed-off-by: Christopher Phillips <[email protected]>
@spiffcs
chore: convert IsAbs
98ad82b 
Signed-off-by: Christopher Phillips <[email protected]>
@spiffcs spiffcs force-pushed the spdx-absolute-path-file branch from 613fc25 to 98ad82b Compare December 9, 2024 17:00
@spiffcs spiffcs merged commit f9e320c into main Dec 9, 2024
12 checks passed
@spiffcs spiffcs deleted the spdx-absolute-path-file branch December 9, 2024 18:02
@wagoodman wagoodman added the enhancement New feature or request label Dec 9, 2024
@BrewTestBot BrewTestBot mentioned this pull request Dec 9, 2024
Merged
@vargenau
Copy link
Contributor

Fixes #2093

@vargenau vargenau mentioned this pull request Dec 21, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wagoodman wagoodman wagoodman approved these changes

Assignees

@spiffcs spiffcs

Labels
enhancement New feature or request
Projects
OSS
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@spiffcs @vargenau @wagoodman