Invalid license URL is generated #889
Labels
enhancement
New feature or request
ready for development
Issue is sufficiently defined and suitable for contributors to start working
Comments
|
Okay, the nasty whitespace comes from nuspec file: https://api.nuget.org/v3-flatcontainer/Mvc4Futures/4.0.20710/Mvc4Futures.nuspec Would it be possible/make sense to trim all urls for example? |
|
I think a valid URL can never start or end with a whitespace, so I see no problem with that |
mtsfoni
added
enhancement
|
True. DependencyTrack has recently started to validate BOMs according to the specification. It requires all URLs to be valid RFC 3987 IRI-references where whitespace is not a valid character. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
Version
3.0.5(tried also3.0.8) seems to generate invalid license URL for one of the components. Note whitespace at the end:{ "type": "library", "bom-ref": "pkg:nuget/[email protected]", "author": "Microsoft", "name": "Mvc4Futures", "version": "4.0.20710", "description": "ASP.NET MVC Futures includes unsupported prototype features for ASP.NET MVC, from the MVC team.", "scope": "required", "hashes": [ { "alg": "SHA-512", "content": "FA3D285759CDD2BEDAD5632B267F76D0275DADE15B81EAA3DED2865B56C5A416E42BD558E1957E7A44D9BA63A719FCCBED30F586B7504ADE80441EA4F74C5031" } ], "licenses": [ { "license": { "name": "Unknown - See URL", "url": "http://www.microsoft.com/web/webpi/eula/aspnetcomponent_enu.htm " <-- here } } ], "copyright": "Microsoft", "purl": "pkg:nuget/[email protected]", "externalReferences": [ { "url": "http://aspnet.codeplex.com/", "type": "website" } ] }BOM is generated as following:
Not sure where the whitespace comes from, component page on Nuget.org has a valid URL.
Would appreciate any help.
The text was updated successfully, but these errors were encountered: