Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Fix: Updated PackageSupplier to type Organization for JAR files #3093

Merged
merged 2 commits into from
Aug 3, 2024
Merged

Fix: Updated PackageSupplier to type Organization for JAR files #3093

merged 2 commits into from
Aug 3, 2024

Conversation

harippriyas
Copy link
Contributor

Issue:
The PackageSupplier and PackageOriginator are set to type 'Person' for JAR files. For example:

PackageName: jackson-annotations
SPDXID: SPDXRef-Package-java-archive-jackson-annotations-55544ed7d2a352e0
PackageVersion: 2.9.10
PackageSupplier: Person: FasterXML
PackageOriginator: Person: FasterXML

Fix:
Updated to set the type as 'Organization' if vendor is specified in the metadata file of the JAR.

Result:

PackageName: jackson-annotations
SPDXID: SPDXRef-Package-java-archive-jackson-annotations-55544ed7d2a352e0
PackageVersion: 2.9.10
PackageSupplier: Organization: FasterXML
PackageOriginator: Organization: FasterXML

Updated PackageSupplier to type Organization for JAR files
1f7a0f2 
Signed-off-by: Harippriya Sivapatham <harippriyasivapatham@gmail.com>
@harippriyas harippriyas marked this pull request as draft August 3, 2024 10:20
@harippriyas harippriyas marked this pull request as ready for review August 3, 2024 12:23
@kzantow
Copy link
Contributor

kzantow commented Aug 3, 2024

As we discussed, I think this is a good change, could you consider adding a test so we don't regress here?

Fixed build failure
b8b46aa 
Signed-off-by: Harippriya Sivapatham <harippriyasivapatham@gmail.com>
@harippriyas
Copy link
Contributor Author

As we discussed, I think this is a good change, could you consider adding a test so we don't regress here?

The tests were there, the file was not checked in. Can you please re-trigger the workflow to run the tests? Thanks

kzantow
kzantow approved these changes Aug 3, 2024
View reviewed changes
Copy link
Contributor

@kzantow kzantow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @harippriyas

@kzantow kzantow merged commit cc15edc into anchore:main Aug 3, 2024
11 checks passed
@BrewTestBot BrewTestBot mentioned this pull request Aug 9, 2024
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@kzantow kzantow kzantow approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@harippriyas @kzantow