Skip to content

Commit

Permalink
fix: invalid cpe generated (fixes #11)
Browse files Browse the repository at this point in the history
  • Loading branch information
@anthonyharrison
anthonyharrison committed Jan 3, 2024
1 parent 8a623d5 commit c346369
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 4 deletions.
3 changes: 2 additions & 1 deletion distro2sbom/distrobuilder/dpkgbuilder.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -200,10 +200,11 @@ def process_package(self, package_name, parent="-"):
)
if len(supplier) > 1:
component_supplier = self.format_supplier(supplier, include_email=False)
cpe_version = version.replace(':','\\:')
self.sbom_package.set_externalreference(
"SECURITY",
"cpe23Type",
f"cpe:2.3:a:{component_supplier.replace(' ', '_').lower()}:{package}:{version}:*:*:*:*:*:*:*",
f"cpe:2.3:a:{component_supplier.replace(' ', '_').lower()}:{package}:{cpe_version}:*:*:*:*:*:*:*",
)
# Store package data
self.sbom_packages[
Expand Down
3 changes: 2 additions & 1 deletion distro2sbom/distrobuilder/rpmbuilder.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -210,10 +210,11 @@ def process_package(self, package_name, parent="-"):
)
if len(supplier) > 1:
component_supplier = self.format_supplier(supplier, include_email=False)
cpe_version = version.replace(':','\\:')
self.sbom_package.set_externalreference(
"SECURITY",
"cpe23Type",
f"cpe:2.3:a:{component_supplier.replace(' ', '_').lower()}:{package}:{version}:*:*:*:*:*:*:*",
f"cpe:2.3:a:{component_supplier.replace(' ', '_').lower()}:{package}:{cpe_version}:*:*:*:*:*:*:*",
)
# Store package data
self.sbom_packages[
Expand Down
4 changes: 2 additions & 2 deletions distro2sbom/version.py
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Copyright (C) 2023 Anthony Harrison
# Copyright (C) 2024 Anthony Harrison
# SPDX-License-Identifier: Apache-2.0

VERSION: str = "0.4.1"
VERSION: str = "0.4.2"

0 comments on commit c346369

Please sign in to comment.