Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: throw warning if sbom is tagged internal #364

Open
wants to merge 18 commits into
base: main
Choose a base branch
from
Open

feat: throw warning if sbom is tagged internal #364

wants to merge 18 commits into from

Conversation

Matze08
Copy link
Collaborator

@Matze08 Matze08 commented Jan 13, 2025

closes: #224

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 13, 2025
edited
Loading

Coverage

Coverage Report •
FileStmtsMissCoverMissing
build_public_bom.py970100% 
TOTAL205510394% 

Tests Skipped Failures Errors Time
382 2 💤 0 ❌ 0 🔥 13.014s ⏱️

@Matze08 Matze08 requested a review from CBeck-96 January 13, 2025 11:21
@italvi italvi removed the request for review from CBeck-96 January 14, 2025 06:23
@italvi italvi changed the title feat: throw warning if sbom is tagged internal Draft: feat: throw warning if sbom is tagged internal Jan 15, 2025
@italvi italvi changed the title Draft: feat: throw warning if sbom is tagged internal feat: throw warning if sbom is tagged internal Jan 15, 2025
@italvi italvi marked this pull request as draft January 15, 2025 07:11
@github-actions github-actions bot added the documentation Improvements or additions to documentation label Jan 17, 2025
@Matze08 Matze08 marked this pull request as ready for review January 20, 2025 08:51
@Matze08 Matze08 requested a review from italvi January 20, 2025 08:52
italvi
italvi requested changes Jan 27, 2025
View reviewed changes
cdxev/build_public_bom.py Outdated
logger = logging.getLogger(__name__)


def check_affected_metadata(metadata: dict[str, Any], path_to_schema: Path) -> bool:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use the already existing function, where it's checked for components instead of introducing a new function

cdxev/build_public_bom.py Outdated
Comment on lines 39 to 40
"Warning: `metadata.component` is not affected by the JSON schema!",
"Please check manually.",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The warning should be something like "metadata.component was not removed even though the JSON schema applies to it. Maybe you try to create an external SBOM for an internal component?"

@Matze08 Matze08 requested a review from italvi January 28, 2025 14:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@italvi italvi Awaiting requested review from italvi

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
documentation Improvements or additions to documentation enhancement New feature or request settings_changes unittests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Build public does not delete metadata.component even if its tagged internal
2 participants
@Matze08 @italvi