-
Notifications
You must be signed in to change notification settings - Fork 146
Closed
Description
Some SBOM creation tools create fileTypes
entries which might contain duplicates, e.g.
"fileTypes": [
"SOURCE",
"TEXT",
"SOURCE",
],
The MR #310 added code for supporting multiple fileTypes but the code is too strict in that it does not allow duplicates. It throws a raise CardinalityError("File::FileType")
in case of dupes. The spec does not forbid this https://spdx.github.io/spdx-spec/v2.2.2/file-information/#83-file-type-field so the parser should not be that strict and crash on such files. I see a similar behavior for licenseInfoInFiles
which do not raise an exception on duplicates.
Metadata
Metadata
Assignees
Labels
No labels