[BUG] OrganizationalEntity validation error should not be raised #600
Labels: bug
jkowalleck changed the title from "OrganizationalEntity validation error should not be raised" to "[BUG] OrganizationalEntity validation error should not be raised" on Apr 26, 2024
@jkowalleck FYI, this is the kind of workaround that is needed short term to read CDX from some weird tool that produces these documents:
jkowalleck added a commit that referenced this issue on May 6, 2024:
fixes #600
Signed-off-by: Jan Kowalleck <[email protected]>
expected to be fixed in https://github.com/CycloneDX/cyclonedx-python-lib/releases/tag/v7.3.4
Thank you.
A spec-valid JSON BOM 1.4 with
{"supplier":{"name":""},
fails to load and should not fail. The code at
cyclonedx-python-lib/cyclonedx/model/contact.py
Line 282 in 4293101
There is nothing in the spec that says this is invalid... I can accept that there is a way to do a strict validation, but this should be an option AND this should not make it impossible to load a JSON. If this cannot be loaded, fixing the issue is made much harder.
The spec at https://github.com/CycloneDX/specification/blob/1.6/schema/bom-1.4.schema.json#L203 does not have any such requirements, same in https://cyclonedx.org/docs/1.4/xml/#type_organizationalEntity and other versions of the spec.
IMHO such an exception here and elsewhere SHOULD NEVER be raised unless an explicit request for a strict validation for empty values is requested above and beyond what is in the spec.
@tdruez ping
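A pre-load normalizer for the input shape reported in this issue, as an added example (not code from the issue, its comments or cyclonedx-python-lib). It assumes the loader rejects an organizational entity that has no non-empty name, url or contact; `ENTITY_KEYS`, `is_empty_entity` and `drop_empty_entities` are hypothetical names, and the sample BOM is constructed.

```python
import json

# Keys that hold an organizationalEntity object in a CycloneDX 1.4 JSON BOM.
# ASSUMPTION: this set is chosen for the example and may be incomplete.
ENTITY_KEYS = {"supplier", "manufacture", "provider"}


def is_empty_entity(value):
    """True for an object with no non-empty name, url or contact."""
    if not isinstance(value, dict):
        return False
    name = str(value.get("name") or "").strip()
    return not (name or value.get("url") or value.get("contact"))


def drop_empty_entities(node, path="$", dropped=None):
    """Remove empty organizational entities in place; return their JSON paths."""
    # The returned paths let the caller log the data-quality problem
    # instead of silently hiding it from whoever consumes the SBOM.
    if dropped is None:
        dropped = []
    if isinstance(node, dict):
        for key in list(node):  # copy of the keys: we delete while iterating
            child_path = f"{path}.{key}"
            if key in ENTITY_KEYS and is_empty_entity(node[key]):
                del node[key]
                dropped.append(child_path)
            else:
                drop_empty_entities(node[key], child_path, dropped)
    elif isinstance(node, list):
        for index, item in enumerate(node):
            drop_empty_entities(item, f"{path}[{index}]", dropped)
    return dropped


# Constructed sample BOM (not from the issue) using the reported supplier shape.
SAMPLE_BOM = json.loads("""
{"bomFormat": "CycloneDX", "specVersion": "1.4", "version": 1,
 "metadata": {"supplier": {"name": ""}},
 "components": [
   {"type": "library", "name": "a", "supplier": {"name": ""}},
   {"type": "library", "name": "b", "supplier": {"name": "Example Org"}},
   {"type": "library", "name": "c",
    "supplier": {"name": " ", "url": ["https://example.org"]}}
 ]}
""")

if __name__ == "__main__":
    print("dropped:", drop_empty_entities(SAMPLE_BOM))
```

The normalized dictionary can then be handed to whichever loader is in use, with the dropped paths recorded alongside the ingested BOM.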