Skip to content

fix: validation SBOM reports#2792

Merged
simar7 merged 8 commits intoaquasecurity:mainfrom
afdesk:fix/sbom-validation
Dec 5, 2025
Merged

fix: validation SBOM reports#2792
simar7 merged 8 commits intoaquasecurity:mainfrom
afdesk:fix/sbom-validation

Conversation

@afdesk
Copy link
Copy Markdown
Contributor

@afdesk afdesk commented Oct 22, 2025
edited
Loading

Description

This PR resolves an issue where the generated sbomreport was not fully compatible with the CycloneDX specification when an expression value was provided without an accompanying license field.

In addition, the PR introduces validation tests that assert the structural correctness of the produced SBOM report. T

Related issues

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@github-actions github-actions bot added the bug label Oct 22, 2025
@afdesk afdesk added this to the v0.30.0 milestone Oct 28, 2025
@afdesk afdesk marked this pull request as ready for review December 3, 2025 06:47
@afdesk afdesk requested a review from simar7 as a code owner December 3, 2025 06:47
@simar7 simar7 merged commit 4e1c45f into aquasecurity:main Dec 5, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simar7 simar7 simar7 approved these changes

Assignees

No one assigned

Labels

bug

Projects

None yet

Milestone

v0.30.0

Development

Successfully merging this pull request may close these issues.

sbomreport is not CycloneDX compatible

2 participants

@afdesk @simar7