fix: convert license expressions, fix conversion issues#283
Open
kzantow wants to merge 3 commits intospdx:spdx3from
Open
fix: convert license expressions, fix conversion issues#283kzantow wants to merge 3 commits intospdx:spdx3from
kzantow wants to merge 3 commits intospdx:spdx3from
Conversation
Signed-off-by: Keith Zantow <kzantow@gmail.com>
Signed-off-by: Keith Zantow <kzantow@gmail.com>
kzantow
commented
Apr 13, 2026
| Bundle{}, | ||
| } { | ||
| out = append(out, | ||
| cmpopts.IgnoreFields(t, "Elements"), |
Collaborator
Author
There was a problem hiding this comment.
This was causing a lot of stuff to be missed in the diff.
Signed-off-by: Keith Zantow <kzantow@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR primarily corrects an issue where all licenses were converted from 2.3 to 3.0 as SimpleLicenses. Now, complex licenses are converted to the conjunctive/disjunctive license structures.
While working on this, I noticed tests were erroneously passing due to not comparing the
Elementslist. After discussion with implementors, it seems that Elements are where all elements should go which are not the direct subject of a collection and this should contain all elements in collection's object graph. As an example, an SpdxDocument has Elements and RootElements, an SBOM would typically be the sole entry in the RootElements, the SBOM RootElements has a root package, say a package which represents the container. Relationships are added to the Elements list and this ends up being the only way to reference related packages and other related information. In addition to that, the Elements properties would contain the container package -- all the way up the object graph to the SpdxDocument.Element property. Now, any ElementCollection automatically has it's Elements collection flattened and deduplicated during serialization. These Element lists are also tested as part of the diffing process.