diff --git a/rdfloader/parser2v3/constants.go b/rdfloader/parser2v3/constants.go index 48f870fb..44ca0d4c 100644 --- a/rdfloader/parser2v3/constants.go +++ b/rdfloader/parser2v3/constants.go @@ -12,7 +12,7 @@ var ( NS_PTR = "http://www.w3.org/2009/pointers#" NS_DOAP = "http://usefulinc.com/ns/doap#" - // SPDX_SPEC_VERSION SPDX properties + // SPDX properties SPDX_SPEC_VERSION = NS_SPDX + "specVersion" SPDX_DATA_LICENSE = NS_SPDX + "dataLicense" SPDX_NAME = NS_SPDX + "name" diff --git a/rdfloader/parser2v3/parse_file_test.go b/rdfloader/parser2v3/parse_file_test.go index 424ddfbf..0828163a 100644 --- a/rdfloader/parser2v3/parse_file_test.go +++ b/rdfloader/parser2v3/parse_file_test.go @@ -51,7 +51,7 @@ func Test_rdfParser2_3_getArtifactFromNode(t *testing.T) { ` - https://www.openjena.org/ + http://www.openjena.org/ Jena @@ -67,7 +67,7 @@ func Test_rdfParser2_3_getArtifactFromNode(t *testing.T) { if artifact.Name != "Jena" { t.Errorf("expected name of artifact: %s, found: %s", "Jena", artifact.Name) } - expectedHomePage := "https://www.openjena.org/" + expectedHomePage := "http://www.openjena.org/" if artifact.HomePage != expectedHomePage { t.Errorf("wrong artifact homepage. Expected: %s, found: %s", expectedHomePage, artifact.HomePage) } @@ -79,8 +79,8 @@ func Test_rdfParser2_3_getArtifactFromNode(t *testing.T) { rdfParser, err = parserFromBodyContent( ` - - https://www.openjena.org/ + + http://www.openjena.org/ Jena @@ -103,7 +103,7 @@ func Test_rdfParser2_3_getArtifactFromNode(t *testing.T) { ` - https://www.openjena.org/ + http://www.openjena.org/ Jena @@ -123,7 +123,7 @@ func Test_rdfParser2_3_getFileTypeFromUri(t *testing.T) { rdfParser, _ := parserFromBodyContent(``) // TestCase 1: Valid fileType URI: - fileTypeURI := "https://spdx.org/rdf/terms#fileType_source" + fileTypeURI := "http://spdx.org/rdf/terms#fileType_source" fileType, err := rdfParser.getFileTypeFromUri(fileTypeURI) if err != nil { t.Errorf("error in a valid example: %v", err) @@ -133,7 +133,7 @@ func Test_rdfParser2_3_getFileTypeFromUri(t *testing.T) { } // TestCase 2: Invalid fileType URI format. - fileTypeURI = "https://spdx.org/rdf/terms#source" + fileTypeURI = "http://spdx.org/rdf/terms#source" fileType, err = rdfParser.getFileTypeFromUri(fileTypeURI) if err == nil { t.Error("should've raised an error for invalid fileType") @@ -178,7 +178,7 @@ func Test_setFileIdentifier(t *testing.T) { file := &v2_3.File{} // TestCase 1: valid example - err := setFileIdentifier("https://spdx.org/documents/spdx-toolsv2.1.7-SNAPSHOT#SPDXRef-129", file) + err := setFileIdentifier("http://spdx.org/documents/spdx-toolsv2.1.7-SNAPSHOT#SPDXRef-129", file) if err != nil { t.Errorf("unexpected error: %v", err) } @@ -187,7 +187,7 @@ func Test_setFileIdentifier(t *testing.T) { } // TestCase 2: invalid example - err = setFileIdentifier("https://spdx.org/documents/spdx-toolsv2.1.7-SNAPSHOT#129", file) + err = setFileIdentifier("http://spdx.org/documents/spdx-toolsv2.1.7-SNAPSHOT#129", file) if err == nil { t.Errorf("should've raised an error for an invalid example") } @@ -197,7 +197,7 @@ func Test_rdfParser2_3_setFileChecksumFromNode(t *testing.T) { // TestCase 1: md5 checksum parser, _ := parserFromBodyContent(` - + d2356e0fe1c0b85285d83c6b2ad51b5f `) diff --git a/tvloader/parser2v1/parse_file_test.go b/tvloader/parser2v1/parse_file_test.go index 1f975050..77cf63a1 100644 --- a/tvloader/parser2v1/parse_file_test.go +++ b/tvloader/parser2v1/parse_file_test.go @@ -561,11 +561,11 @@ func TestParser2_1CanParseFileTags(t *testing.T) { if aop.Name != "project1" { t.Errorf("expected %v, got %v", "project1", aop.Name) } - if aop.HomePage != "https://example.com/1/" { - t.Errorf("expected %v, got %v", "https://example.com/1/", aop.HomePage) + if aop.HomePage != "http://example.com/1/" { + t.Errorf("expected %v, got %v", "http://example.com/1/", aop.HomePage) } - if aop.URI != "https://example.com/1/uri.whatever" { - t.Errorf("expected %v, got %v", "https://example.com/1/uri.whatever", aop.URI) + if aop.URI != "http://example.com/1/uri.whatever" { + t.Errorf("expected %v, got %v", "http://example.com/1/uri.whatever", aop.URI) } aop = parser.file.ArtifactOfProjects[1] @@ -583,8 +583,8 @@ func TestParser2_1CanParseFileTags(t *testing.T) { if aop.Name != "project3" { t.Errorf("expected %v, got %v", "project3", aop.Name) } - if aop.HomePage != "https://example.com/3/" { - t.Errorf("expected %v, got %v", "https://example.com/3/", aop.HomePage) + if aop.HomePage != "http://example.com/3/" { + t.Errorf("expected %v, got %v", "http://example.com/3/", aop.HomePage) } if aop.URI != "" { t.Errorf("expected %v, got %v", "", aop.URI) diff --git a/tvloader/parser2v2/parse_creation_info_test.go b/tvloader/parser2v2/parse_creation_info_test.go index 06c064f2..dcf60986 100644 --- a/tvloader/parser2v2/parse_creation_info_test.go +++ b/tvloader/parser2v2/parse_creation_info_test.go @@ -416,7 +416,7 @@ func TestFailsExternalDocumentReferenceWithInvalidFormats(t *testing.T) { "DocumentRef-spdx-tool-1.2 http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301", "DocumentRef-spdx-tool-1.2 http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301 d6a770ba38583ed4bb4525bd96e50461655d2759", "DocumentRef-spdx-tool-1.2", - "spdx-tool-1.2 htt://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301 SHA1:d6a770ba38583ed4bb4525bd96e50461655d2759", + "spdx-tool-1.2 http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301 SHA1:d6a770ba38583ed4bb4525bd96e50461655d2759", } for _, refstring := range invalidRefs { _, _, _, _, err := extractExternalDocumentReference(refstring) diff --git a/tvsaver/saver2v2/save_package_test.go b/tvsaver/saver2v2/save_package_test.go index 7ddddd83..5c2a1749 100644 --- a/tvsaver/saver2v2/save_package_test.go +++ b/tvsaver/saver2v2/save_package_test.go @@ -133,7 +133,7 @@ multi-line external ref comment ExternalRef: PERSISTENT-ID swh swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2 ExternalRef: OTHER anything anything-without-spaces-can-go-here PackageAttributionText: Include this notice in all advertising materials - + `) // render as buffer of bytes @@ -163,7 +163,7 @@ func TestSaver2_2PackageSavesTextCombo2(t *testing.T) { PackageFileName: "p1-0.1.0-master.tar.gz", PackageSupplier: &common.Supplier{Supplier: "NOASSERTION"}, PackageOriginator: &common.Originator{OriginatorType: "Organization", Originator: "John Doe, Inc."}, - PackageDownloadLocation: "https://example.com/p1/p1-0.1.0-master.tar.gz", + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", FilesAnalyzed: true, IsFilesAnalyzedTagPresent: false, PackageVerificationCode: common.PackageVerificationCode{Value: "0123456789abcdef0123456789abcdef01234567"}, @@ -181,7 +181,7 @@ func TestSaver2_2PackageSavesTextCombo2(t *testing.T) { Value: "624c1abb3664f4b35547e7c73864ad24", }, }, - PackageHomePage: "https://example.com/p1", + PackageHomePage: "http://example.com/p1", PackageSourceInfo: "this is a source comment", PackageLicenseConcluded: "GPL-2.0-or-later", PackageLicenseInfoFromFiles: []string{ @@ -200,31 +200,31 @@ func TestSaver2_2PackageSavesTextCombo2(t *testing.T) { // what we want to get, as a buffer of bytes want := bytes.NewBufferString(`PackageName: p1 - SPDXID: SPDXRef-p1 - PackageVersion: 0.1.0 - PackageFileName: p1-0.1.0-master.tar.gz - PackageSupplier: NOASSERTION - PackageOriginator: Organization: John Doe, Inc. - PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz - PackageVerificationCode: 0123456789abcdef0123456789abcdef01234567 - PackageChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c - PackageChecksum: SHA256: 11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd - PackageChecksum: MD5: 624c1abb3664f4b35547e7c73864ad24 - PackageHomePage: http://example.com/p1 - PackageSourceInfo: this is a source comment - PackageLicenseConcluded: GPL-2.0-or-later - PackageLicenseInfoFromFiles: Apache-1.1 - PackageLicenseInfoFromFiles: Apache-2.0 - PackageLicenseInfoFromFiles: GPL-2.0-or-later - PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later - PackageLicenseComments: this is a license comment(s) - PackageCopyrightText: Copyright (c) John Doe, Inc. - PackageSummary: this is a summary comment - PackageDescription: this is a description comment - PackageComment: this is a comment comment - PackageAttributionText: Include this notice in all advertising materials - - `) +SPDXID: SPDXRef-p1 +PackageVersion: 0.1.0 +PackageFileName: p1-0.1.0-master.tar.gz +PackageSupplier: NOASSERTION +PackageOriginator: Organization: John Doe, Inc. +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +PackageVerificationCode: 0123456789abcdef0123456789abcdef01234567 +PackageChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +PackageChecksum: SHA256: 11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd +PackageChecksum: MD5: 624c1abb3664f4b35547e7c73864ad24 +PackageHomePage: http://example.com/p1 +PackageSourceInfo: this is a source comment +PackageLicenseConcluded: GPL-2.0-or-later +PackageLicenseInfoFromFiles: Apache-1.1 +PackageLicenseInfoFromFiles: Apache-2.0 +PackageLicenseInfoFromFiles: GPL-2.0-or-later +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageLicenseComments: this is a license comment(s) +PackageCopyrightText: Copyright (c) John Doe, Inc. +PackageSummary: this is a summary comment +PackageDescription: this is a description comment +PackageComment: this is a comment comment +PackageAttributionText: Include this notice in all advertising materials + +`) // render as buffer of bytes var got bytes.Buffer @@ -254,7 +254,7 @@ func TestSaver2_2PackageSavesTextCombo3(t *testing.T) { PackageFileName: "p1-0.1.0-master.tar.gz", PackageSupplier: &common.Supplier{Supplier: "John Doe", SupplierType: "Person"}, PackageOriginator: &common.Originator{Originator: "NOASSERTION"}, - PackageDownloadLocation: "https://example.com/p1/p1-0.1.0-master.tar.gz", + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", FilesAnalyzed: false, IsFilesAnalyzedTagPresent: true, // NOTE that verification code MUST be omitted from output @@ -274,7 +274,7 @@ func TestSaver2_2PackageSavesTextCombo3(t *testing.T) { Value: "624c1abb3664f4b35547e7c73864ad24", }, }, - PackageHomePage: "https://example.com/p1", + PackageHomePage: "http://example.com/p1", PackageSourceInfo: "this is a source comment", PackageLicenseConcluded: "GPL-2.0-or-later", // NOTE that license info from files MUST be omitted from output @@ -300,31 +300,31 @@ which goes across two lines`, // what we want to get, as a buffer of bytes want := bytes.NewBufferString(`PackageName: p1 - SPDXID: SPDXRef-p1 - PackageVersion: 0.1.0 - PackageFileName: p1-0.1.0-master.tar.gz - PackageSupplier: Person: John Doe - PackageOriginator: NOASSERTION - PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz - FilesAnalyzed: false - PackageChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c - PackageChecksum: SHA256: 11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd - PackageChecksum: MD5: 624c1abb3664f4b35547e7c73864ad24 - PackageHomePage: http://example.com/p1 - PackageSourceInfo: this is a source comment - PackageLicenseConcluded: GPL-2.0-or-later - PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later - PackageLicenseComments: this is a license comment(s) - PackageCopyrightText: Copyright (c) John Doe, Inc. - PackageSummary: this is a summary comment - PackageDescription: this is a description comment - PackageComment: this is a comment comment - PackageAttributionText: Include this notice in all advertising materials - PackageAttributionText: and also this notice - PackageAttributionText: and this multi-line notice - which goes across two lines - - `) +SPDXID: SPDXRef-p1 +PackageVersion: 0.1.0 +PackageFileName: p1-0.1.0-master.tar.gz +PackageSupplier: Person: John Doe +PackageOriginator: NOASSERTION +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +FilesAnalyzed: false +PackageChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +PackageChecksum: SHA256: 11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd +PackageChecksum: MD5: 624c1abb3664f4b35547e7c73864ad24 +PackageHomePage: http://example.com/p1 +PackageSourceInfo: this is a source comment +PackageLicenseConcluded: GPL-2.0-or-later +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageLicenseComments: this is a license comment(s) +PackageCopyrightText: Copyright (c) John Doe, Inc. +PackageSummary: this is a summary comment +PackageDescription: this is a description comment +PackageComment: this is a comment comment +PackageAttributionText: Include this notice in all advertising materials +PackageAttributionText: and also this notice +PackageAttributionText: and this multi-line notice +which goes across two lines + +`) // render as buffer of bytes var got bytes.Buffer @@ -344,7 +344,7 @@ func TestSaver2_2PackageSaveOmitsOptionalFieldsIfEmpty(t *testing.T) { pkg := &v2_2.Package{ PackageName: "p1", PackageSPDXIdentifier: common.ElementID("p1"), - PackageDownloadLocation: "https://example.com/p1/p1-0.1.0-master.tar.gz", + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", FilesAnalyzed: false, IsFilesAnalyzedTagPresent: true, // NOTE that verification code MUST be omitted from output, @@ -363,14 +363,14 @@ func TestSaver2_2PackageSaveOmitsOptionalFieldsIfEmpty(t *testing.T) { // what we want to get, as a buffer of bytes want := bytes.NewBufferString(`PackageName: p1 - SPDXID: SPDXRef-p1 - PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz - FilesAnalyzed: false - PackageLicenseConcluded: GPL-2.0-or-later - PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later - PackageCopyrightText: Copyright (c) John Doe, Inc. - - `) +SPDXID: SPDXRef-p1 +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +FilesAnalyzed: false +PackageLicenseConcluded: GPL-2.0-or-later +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageCopyrightText: Copyright (c) John Doe, Inc. + +`) // render as buffer of bytes var got bytes.Buffer @@ -418,7 +418,7 @@ func TestSaver2_2PackageSavesFilesIfPresent(t *testing.T) { pkg := &v2_2.Package{ PackageName: "p1", PackageSPDXIdentifier: common.ElementID("p1"), - PackageDownloadLocation: "https://example.com/p1/p1-0.1.0-master.tar.gz", + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", FilesAnalyzed: false, IsFilesAnalyzedTagPresent: true, // NOTE that verification code MUST be omitted from output, @@ -441,28 +441,28 @@ func TestSaver2_2PackageSavesFilesIfPresent(t *testing.T) { // what we want to get, as a buffer of bytes want := bytes.NewBufferString(`PackageName: p1 - SPDXID: SPDXRef-p1 - PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz - FilesAnalyzed: false - PackageLicenseConcluded: GPL-2.0-or-later - PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later - PackageCopyrightText: Copyright (c) John Doe, Inc. - - FileName: /tmp/whatever1.txt - SPDXID: SPDXRef-File1231 - FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c - LicenseConcluded: Apache-2.0 - LicenseInfoInFile: Apache-2.0 - FileCopyrightText: Copyright (c) Jane Doe - - FileName: /tmp/whatever2.txt - SPDXID: SPDXRef-File1232 - FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983d - LicenseConcluded: MIT - LicenseInfoInFile: MIT - FileCopyrightText: Copyright (c) John Doe - - `) +SPDXID: SPDXRef-p1 +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +FilesAnalyzed: false +PackageLicenseConcluded: GPL-2.0-or-later +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageCopyrightText: Copyright (c) John Doe, Inc. + +FileName: /tmp/whatever1.txt +SPDXID: SPDXRef-File1231 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +LicenseConcluded: Apache-2.0 +LicenseInfoInFile: Apache-2.0 +FileCopyrightText: Copyright (c) Jane Doe + +FileName: /tmp/whatever2.txt +SPDXID: SPDXRef-File1232 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983d +LicenseConcluded: MIT +LicenseInfoInFile: MIT +FileCopyrightText: Copyright (c) John Doe + +`) // render as buffer of bytes var got bytes.Buffer @@ -505,6 +505,7 @@ PackageLicenseConcluded: GPL-2.0-or-later PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later PackageCopyrightText: Copyright (c) John Doe, Inc. Copyright Jane Doe + `) // render as buffer of bytes