Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update SPDX tools-golang lib to v0.5.0 #1503

Merged
merged 3 commits into from
Jan 31, 2023

Conversation

kzantow
Copy link
Contributor

@kzantow kzantow commented Jan 20, 2023

This PR updates spdx/tools-golang to v0.5.0 (-rc1).

Signed-off-by: Keith Zantow <kzantow@gmail.com>
Copy link

@lumjjb lumjjb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Nice!

@spiffcs
Copy link
Contributor

spiffcs commented Jan 23, 2023

@kzantow This looks good - are we waiting on a retag or any other functionality?

@kzantow
Copy link
Contributor Author

kzantow commented Jan 23, 2023

I'm going to do a bit more manual testing to see if I can find any cases we didn't cover properly in tests and take it out of draft when I think things are ready.

@kzantow kzantow marked this pull request as ready for review January 31, 2023 16:43
@kzantow kzantow requested a review from a team January 31, 2023 16:46
Copy link
Contributor

@spiffcs spiffcs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All the tests pass and from my perspective most of the updates in the PR are the library changes common ==> spdx

LGTM

If there is other testing you want done or edge cases to call out let me know, but I think we can get this in and release

@@ -8,8 +8,7 @@ import (
"strings"
"time"

"github.com/spdx/tools-golang/spdx/common"
spdx "github.com/spdx/tools-golang/spdx/v2_3"
"github.com/spdx/tools-golang/spdx"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

already so clean!


"github.com/anchore/syft/syft/formats/common/spdxhelpers"
"github.com/anchore/syft/syft/sbom"
)

func decoder(reader io.Reader) (*sbom.SBOM, error) {
doc, err := tvloader.Load2_3(reader)
doc, err := tagvalue.Read(reader)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is also awesome

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants