licenseChoice streamlined #205

Merged
merged 2 commits into from
May 29, 2023

@jkowalleck jkowalleck commented Apr 3, 2023

fixes #204

proposal to streamline licenses: make JSON meet the existing XML spec

this does not change the actual SBOM structure in any way.
it only puts a constraint on the document to have exactly one expression in the list, if there is any expression.

@jkowalleck jkowalleck changed the base branch from master to v1.5-dev April 3, 2023 12:53
@jkowalleck jkowalleck force-pushed the licenses-streamlined branch from 97ef87d to a3ad114 Compare April 3, 2023 12:59
@jkowalleck jkowalleck marked this pull request as ready for review April 3, 2023 13:00
@jkowalleck jkowalleck changed the title Licenses streamlined licenseChoice streamlined Apr 3, 2023
@jkowalleck jkowalleck requested a review from a team April 3, 2023 13:04
@jkowalleck jkowalleck force-pushed the licenses-streamlined branch from a3ad114 to 14fe986 Compare April 3, 2023 13:11
@jkowalleck jkowalleck requested a review from madpah April 3, 2023 13:12
@stevespringett stevespringett added this to the 1.5 milestone Apr 3, 2023
schema/bom-1.5.schema.json (outdated, resolved)
@jkowalleck jkowalleck force-pushed the licenses-streamlined branch 3 times, most recently from 0d28fe0 to 29e7d66 Compare May 25, 2023 11:47
},
{
"required": ["expression"]
"additionalItems": false,
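Review bot: `"additionalItems": false` next to `"required": ["expression"]` sets only an upper bound, and only when `items` is written in array (tuple) form; it puts no lower bound on the array, so an empty list would still validate against this branch. If the intent is exactly one expression, add `"minItems": 1` (and `"maxItems": 1` to state the bound explicitly) unless those are already set outside the lines shown.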

@jkowalleck jkowalleck May 25, 2023

defined items as a list (tuple!) with only one item and set additionalItems to false.
this causes validators and others to see: this list must have exactly one item with the defined predicates.

@jkowalleck jkowalleck force-pushed the licenses-streamlined branch from 29e7d66 to 05cf5ca Compare May 25, 2023 11:52
@jkowalleck jkowalleck force-pushed the licenses-streamlined branch from 05cf5ca to 4c85896 Compare May 26, 2023 12:49

johan-boule commented Sep 23, 2024

What do we have to do when the tool raises a LicenseExpressionAlongWithOthersException?
Is there anything wrong with https://github.com/conan-io/conan-center-index/blob/master/recipes/openjdk/all/conanfile.py?
I don't understand at all what I'm doing but, if I keep only one licence element in that conanfile.py, this fixes the error.

jkowalleck commented Sep 23, 2024

It is expected to be either an expression, or a list of licenses; not both.
In case an expression exists, the list of licenses should be ignored for the following reasons:
expression knows the concatenation type (AND, OR, WITHOUT/EXCEPT) of the licenses, and is therefore more verbose.
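
The rule stated in the comment above (an expression or a list of licenses, never both, and at most one expression), written as a pre-flight check an SBOM producer could run before serializing. This is an added example, not code from this pull request or from any CycloneDX tool; `classify_license_choice` and the sample arrays are constructed for illustration.

```python
# Added example: check one CycloneDX "licenses" array against the
# "either one expression OR a list of licenses" rule from this thread.
# The function name and SAMPLES are constructed, not taken from the project.

def classify_license_choice(licenses):
    """Return (kind, problems); kind is 'empty', 'licenses', 'expression' or 'invalid'."""
    if not isinstance(licenses, list):
        return "invalid", ["licenses must be an array"]
    problems, expr_idx, lic_idx = [], [], []
    for i, entry in enumerate(licenses):
        if not isinstance(entry, dict):
            problems.append(f"item {i}: not an object")
            continue
        has_expr, has_lic = "expression" in entry, "license" in entry
        if has_expr == has_lic:  # both keys present, or neither
            problems.append(f"item {i}: needs exactly one of 'license' or 'expression'")
        elif has_expr:
            expr_idx.append(i)
        else:
            lic_idx.append(i)
    if expr_idx and lic_idx:
        problems.append(f"expression at {expr_idx} mixed with license entries at {lic_idx}")
    if len(expr_idx) > 1:
        problems.append(f"{len(expr_idx)} expressions; at most one is allowed")
    if problems:
        return "invalid", problems
    if expr_idx:
        return "expression", []
    return ("licenses", []) if lic_idx else ("empty", [])

# Constructed sample inputs.
SAMPLES = {
    "list_only": [{"license": {"id": "Apache-2.0"}}, {"license": {"name": "Custom"}}],
    "one_expression": [{"expression": "GPL-2.0-only WITH Classpath-exception-2.0 AND "
                                      "GPL-2.0-only WITH OpenJDK-assembly-exception-1.0"}],
    "two_expressions": [{"expression": "GPL-2.0-only WITH Classpath-exception-2.0"},
                        {"expression": "GPL-2.0-only WITH OpenJDK-assembly-exception-1.0"}],
    "mixed": [{"expression": "MIT OR Apache-2.0"}, {"license": {"id": "MIT"}}],
    "no_licenses": [],
}

if __name__ == "__main__":
    for name, value in SAMPLES.items():
        kind, problems = classify_license_choice(value)
        print(f"{name}: {kind}", *problems, sep="\n  ")
```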

johan-boule commented Sep 23, 2024

I don't understand at all what I'm doing but, if I keep only one licence element in that conanfile.py, this fixes the error.

jkowalleck commented Sep 23, 2024

> I don't understand at all what I'm doing but, if I keep only one licence element in that conanfile.py, this fixes the error.

This is the repository of the CycloneDX specification - the international standard.
This is not the place to tell about possible bugs in some implementation. Please refer to the issue tracker in the respective repository of your domain.

@johan-boule

OK, thanks, I will suggest on Conan's repository to combine the 2 license expressions into one with an AND operator:

GPL-2.0-only WITH Classpath-exception-2.0 AND GPL-2.0-only WITH OpenJDK-assembly-exception-1.0

Perhaps multiple WITH clauses are allowed, but my guess is that would mean the same.

Successfully merging this pull request may close these issues.

JSON and XML schemas differ for licenses