Optional encoding of license text #235
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![sonatype-lift[bot]](https://avatars.githubusercontent.com/in/9843?s=60&v=4){kind=small}
Signed-off-by: Bernhard Willert <bernhard.willert@synaos.com>
The license text encoding is optional per standard, but was hardcoded as base64. This implementation makes it optional and is extensible if the standard introduces additional choices for the encoding. Old behaviour stays as default for backwards compatibility. Signed-off-by: Bernhard Willert <bernhard.willert@synaos.com>
synaos-bwi
force-pushed
the
optional_encoding
branch
from
a5ea36b
to
29c2ac8
Compare
Signed-off-by: Bernhard Willert <bernhard.willert@synaos.com>
|
Thanks for the PR |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Per specification, the license text encoding is optional (since v1.1). If stated, it must be one choice of a list of pre-defined values, the only current specified choice is base64.
The Java core code always specified the encoding as base64 with no way to disable the encoding. This was not coherent within the cycloneDX ecosystem, e.g. the npm generator generates a string in plain text. Generating BOMs in a mixed situation leads to differently styled files.
The change at hand offers control over the used encoding, current options are none and base64. For better extensibility and to resemble the specification those choices are modeled as an Enum instead of a toggling boolean. For backwards compatibility old interfaces with their default behavior base64 stay in place. I recommend to deprecate them in the future, to keep the public interface of the LicenseResolver lighter.
Additional test validations have been added for the encoding field. In the future, additional tests could verify that the chosen encoding is actually applied correctly.
If accepted, I'll create a follow-up pull request for the cycloneDX maven plugin to make use of this new functionality.