spdx_tools created field does not matches the specification #766
Comments
|
This occurs with any timezone-aware Python datetime object. Additionally, it highlights an additional bug. Passing in a timezone-aware datetime with a local timezone instead of UTC will produce results that are both syntactically and semantically incorrect; the equivalent of "3 pm EDT on October 4, 2023" would be reported as "2023-10-04T15:00:00-04:00Z", which is both not valid ISO 8601 and the completely wrong time. |
licquia
pushed a commit
to licquia/tools-python
that referenced
this issue
Oct 5, 2023
Fixes spdx#766. Signed-off-by: Jeff Licquia <jeff@licquia.org>
armintaenzertng
pushed a commit
that referenced
this issue
Oct 12, 2023
Fixes #766. Signed-off-by: Jeff Licquia <jeff@licquia.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
spdx
createdspecification expectsas in the example:
However, the current implementation does not produce time in the expected format.
Steps to reproduce
Line 41: created=datetime.datetime.now(tz=datetime.timezone.utc),
Line 75: release_date=datetime.datetime.now(tz=datetime.timezone.utc),
This does not match the spec and is also warned by: https://tools.spdx.org/app/
test_sbom.py.zip
The text was updated successfully, but these errors were encountered: