From 524409d5d299e61b03dd01a0cbc4f0fbdb9db463 Mon Sep 17 00:00:00 2001 From: Kody Stribrny Date: Wed, 20 Dec 2023 14:19:20 -0800 Subject: [PATCH] Correct SPDX ID SPDX ID should not contain underscore characters. Ref - https://spdx.github.io/spdx-spec/v2.2.2/file-information/#821-description --- sbom-generator/sbom_utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sbom-generator/sbom_utils.py b/sbom-generator/sbom_utils.py index a19f1c1..d088b1a 100644 --- a/sbom-generator/sbom_utils.py +++ b/sbom-generator/sbom_utils.py @@ -22,7 +22,7 @@ def package_hash(file_list: str) -> str: def file_writer(output, filepath: str, sha1: str, license: str, copyright='NOASSERTION', comment='NOASSERTION'): output.write('FileName: .'+ filepath + '\n') - output.write('SPDXID: SPDXRef-File'+ filepath.replace('/', '-') + '\n') + output.write('SPDXID: SPDXRef-File'+ filepath.replace('/', '-').replace('_', '') + '\n') output.write('FileChecksum: SHA1: '+ sha1 + '\n') output.write('LicenseConcluded: '+ license + '\n') output.write('FileCopyrightText: '+ copyright + '\n')