-
Notifications
You must be signed in to change notification settings - Fork 585
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update SPDX tools-golang lib to v0.5.0 #1503
Update SPDX tools-golang lib to v0.5.0 #1503
Conversation
Signed-off-by: Keith Zantow <kzantow@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Nice!
@kzantow This looks good - are we waiting on a retag or any other functionality? |
I'm going to do a bit more manual testing to see if I can find any cases we didn't cover properly in tests and take it out of draft when I think things are ready. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All the tests pass and from my perspective most of the updates in the PR are the library changes common ==> spdx
LGTM
If there is other testing you want done or edge cases to call out let me know, but I think we can get this in and release
@@ -8,8 +8,7 @@ import ( | |||
"strings" | |||
"time" | |||
|
|||
"github.com/spdx/tools-golang/spdx/common" | |||
spdx "github.com/spdx/tools-golang/spdx/v2_3" | |||
"github.com/spdx/tools-golang/spdx" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
already so clean!
|
||
"github.com/anchore/syft/syft/formats/common/spdxhelpers" | ||
"github.com/anchore/syft/syft/sbom" | ||
) | ||
|
||
func decoder(reader io.Reader) (*sbom.SBOM, error) { | ||
doc, err := tvloader.Load2_3(reader) | ||
doc, err := tagvalue.Read(reader) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is also awesome
This PR updates spdx/tools-golang to v0.5.0 (-rc1).