Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix: Updated PackageSupplier to type Organization for JAR files #3093

Merged
merged 2 commits into from
Aug 3, 2024
Merged

Fix: Updated PackageSupplier to type Organization for JAR files #3093

merged 2 commits into from
Aug 3, 2024

Conversation

harippriyas
Copy link
Contributor

Issue:
The PackageSupplier and PackageOriginator are set to type 'Person' for JAR files. For example:

PackageName: jackson-annotations
SPDXID: SPDXRef-Package-java-archive-jackson-annotations-55544ed7d2a352e0
PackageVersion: 2.9.10
PackageSupplier: Person: FasterXML
PackageOriginator: Person: FasterXML

Fix:
Updated to set the type as 'Organization' if vendor is specified in the metadata file of the JAR.

Result:

PackageName: jackson-annotations
SPDXID: SPDXRef-Package-java-archive-jackson-annotations-55544ed7d2a352e0
PackageVersion: 2.9.10
PackageSupplier: Organization: FasterXML
PackageOriginator: Organization: FasterXML

Updated PackageSupplier to type Organization for JAR files
1f7a0f2 
Signed-off-by: Harippriya Sivapatham <harippriyasivapatham@gmail.com>
@harippriyas harippriyas marked this pull request as draft August 3, 2024 10:20
@harippriyas harippriyas marked this pull request as ready for review August 3, 2024 12:23
@kzantow
Copy link
Contributor

kzantow commented Aug 3, 2024

As we discussed, I think this is a good change, could you consider adding a test so we don't regress here?

Fixed build failure
b8b46aa 
Signed-off-by: Harippriya Sivapatham <harippriyasivapatham@gmail.com>
@harippriyas
Copy link
Contributor Author

As we discussed, I think this is a good change, could you consider adding a test so we don't regress here?

The tests were there, the file was not checked in. Can you please re-trigger the workflow to run the tests? Thanks

kzantow
kzantow approved these changes Aug 3, 2024
View reviewed changes
Copy link
Contributor

@kzantow kzantow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @harippriyas

@kzantow kzantow merged commit cc15edc into anchore:main Aug 3, 2024
11 checks passed
@BrewTestBot BrewTestBot mentioned this pull request Aug 9, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kzantow kzantow kzantow approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@harippriyas @kzantow