Validation differences in extractedText #37
Description
During research for this issue I came across an inconsistency in the java-tools (and the online validator).
Converting this tag-value file (which is marked as valid by the java-tools):
SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: SAG-PM generated SBOM
DocumentNamespace: dns:softwareassuranceguardian.com
Creator: Organization: dns:reliableenergyanalytics.com
Creator: Tool: SAG-PM Version: 1.2
Created: 2022-11-26T18:45:28Z
PackageName: apache-tomcat-9.0.69.zip
PackageVersion: 9.0.69
SPDXID: SPDXRef-Package-fc4a1bf0-78a0-43ca-b4a9-78adfb42138c
PackageSupplier: Organization: Apache Foundation
PackageDownloadLocation: https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.69/bin/apache-tomcat-9.0.69.zip/
FilesAnalyzed: false
LicenseID: LicenseRef-Unlicense
LicenseName: Unlicense
to json will include a new tag extractedText:
"hasExtractedLicensingInfos" : [ {
"licenseId" : "LicenseRef-Unlicense",
"extractedText" : "WARNING: TEXT IS REQUIRED",
"name" : "Unlicense"
} ]
As also mentioned in the issue linked above, I believe that the extracted text is mandatory and the above tag-value example should not be marked as valid.
Metadata
Metadata
Assignees
Labels
No labels