Skip to content

Commit

Permalink
fix(SpdxDocumentFile): Add created issues to the PackageReference
Browse files Browse the repository at this point in the history
Ensure that issues added in `getSpdxPackageForId()` are not dropped,
but rather added to the resulting `PackageReference`.

Signed-off-by: Marcel Bochtler <[email protected]>
  • Loading branch information
MarcelBochtler committed Jul 15, 2024
1 parent 9dd5234 commit cd46518
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -49,15 +49,17 @@ class PackageManagerDependencyHandler(
packageManager: String,
definitionFile: String,
scope: String,
linkage: PackageLinkage
linkage: PackageLinkage,
issues: List<Issue> = emptyList()
): PackageReference =
PackageReference(
id = Identifier(
type = TYPE,
namespace = packageManager,
name = definitionFile.encodeColon(),
version = "$linkage@$scope"
)
),
issues = issues
)

private fun getPackageManagerDependency(node: DependencyNode): PackageManagerDependency? =
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -357,7 +357,8 @@ class SpdxDocumentFile(
}

internal fun getPackageManagerDependency(pkgId: String, doc: SpdxResolvedDocument): PackageReference? {
val spdxPackage = doc.getSpdxPackageForId(pkgId, mutableListOf()) ?: return null
val issues = mutableListOf<Issue>()
val spdxPackage = doc.getSpdxPackageForId(pkgId, issues) ?: return null
val definitionFile = doc.getDefinitionFile(pkgId) ?: return null

if (spdxPackage.packageFilename.isBlank()) return null
Expand All @@ -376,7 +377,8 @@ class SpdxDocumentFile(
packageManager = factory.type,
definitionFile = VersionControlSystem.getPathInfo(packageFile).path,
scope = scope,
linkage = PackageLinkage.PROJECT_STATIC // TODO: Set linkage based on SPDX reference type.
linkage = PackageLinkage.PROJECT_STATIC, // TODO: Set linkage based on SPDX reference type.
issues = issues
)
}
}
Expand Down

0 comments on commit cd46518

Please sign in to comment.