Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tags and format properties are case sensitive #753

Closed
vargenau opened this issue Sep 6, 2023 · 5 comments · Fixed by #758
Closed

Tags and format properties are case sensitive #753

vargenau opened this issue Sep 6, 2023 · 5 comments · Fixed by #758

Comments

@vargenau
Copy link
Contributor

vargenau commented Sep 6, 2023

The spec says: "Tags and format properties are case sensitive".

The document contains:

FilesAnalyzed: TRUE

pyspdxtools -i hello.spdx

ERROR:root:The document is invalid. The following issues have been found:
package must contain no elements if files_analyzed is False, but found [Relationship(spdx_element_id='SPDXRef-Package-hello', relationship_type=<RelationshipType.CONTAINS: 6>, related_spdx_element_id='SPDXRef-hello-binary', comment=None), Relationship(spdx_element_id='SPDXRef-Package-hello', relationship_type=<RelationshipType.CONTAINS: 6>, related_spdx_element_id='SPDXRef-Makefile', comment=None), Relationship(spdx_element_id='SPDXRef-Package-hello', relationship_type=<RelationshipType.CONTAINS: 6>, related_spdx_element_id='SPDXRef-hello-src', comment=None)]
license_info_from_files must be None if files_analyzed is False, but is: [LicenseSymbol('GPL-3.0-or-later', aliases=('GPL-3.0+', 'LicenseRef-GPL-3.0-or-later'), is_exception=False)]
verification_code must be None if files_analyzed is False, but is: PackageVerificationCode(value='9d20237bb72087e87069f96afb41c6ca2fa2a342', excluded_files=[])

The error message is misleading.

It should say that TRUE is not a correct value for FilesAnalyzed, instead of saying that FilesAnalyzed is False and outputing an error message assuming that FilesAnalyzed is false.

hello.spdx.txt
@armintaenzertng
Copy link
Collaborator

This is an issue with the tag-value parsing, the corresponding code can be found here.

The code currently does not check whether the input is conformant with the spec at all. This should be added.

As this is simply a boolean, I don't think we should be as strict as the spec suggests and instead accept True or TRUE as valid input, too.

@maxhbr
Copy link
Member

maxhbr commented Sep 7, 2023

... I don't think we should be as strict as the spec suggests ...

I think we should be as strict and instead fail with an helpful error if some value can not be parsed to bool.

@vargenau
Copy link
Contributor Author

vargenau commented Sep 7, 2023

I agree with Max. We should follow the standard and be strict.

@armintaenzertng armintaenzertng mentioned this issue Sep 8, 2023
Merged
@armintaenzertng
Copy link
Collaborator

@vargenau, I opened #758 to address the issue, please have a look and see if this solves your problem.

@vargenau
Copy link
Contributor Author

Hello @armintaenzertng

I confirm #758 fixes the issue.
Thank you for the quick fix.

@armintaenzertng armintaenzertng mentioned this issue Oct 17, 2023
Merged
@armintaenzertng armintaenzertng mentioned this issue Dec 7, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[issue-753] only allow lowercase values for FilesAnalyzed in tag-value armintaenzertng/tools-python
3 participants
@vargenau @maxhbr @armintaenzertng