Updates license compliance info matrix by felickz · Pull Request #1032 · microsoft/sbom-tool (original) (raw)
This documentation appears inaccurate. Based on warnings seen in SBOM tool run there is not support for Maven license information:
##[debug]License retrieval for component type maven is not supported yet.
but it is listed as supported:
The only supported ecosystems (this appears to be the only ILicenseInformationFetcher implemenataion) are:
| switch (componentType) |
|---|
| { |
| case "npm": |
| listOfComponentsForApi.Add($"{componentType}/npmjs/{clearlyDefinedNamespace}/{componentName}/{componentVersion}"); |
| break; |
| case "nuget": |
| listOfComponentsForApi.Add($"{componentType}/nuget/{clearlyDefinedNamespace}/{componentName}/{componentVersion}"); |
| break; |
| case "gem": |
| listOfComponentsForApi.Add($"{componentType}/rubygems/{clearlyDefinedNamespace}/{componentName}/{componentVersion}"); |
| break; |
| case "pypi": |
| listOfComponentsForApi.Add($"{componentType}/pypi/{clearlyDefinedNamespace}/{componentName}/{componentVersion}"); |
| break; |
| case "cargo": |
| listOfComponentsForApi.Add($"crate/cratesio/{clearlyDefinedNamespace}/{componentName}/{componentVersion}"); |
| break; |
| case "cocoapods": |
| listOfComponentsForApi.Add($"pod/{componentType}/{clearlyDefinedNamespace}/{componentName}/{componentVersion}"); |
| break; |
| default: |
| log.Debug($"License retrieval for component type {componentType} is not supported yet."); |
| break; |
| } |
| } |
| } |
See rendered updates: https://github.com/felickz/sbom-tool/blob/patch-1/docs/feature-overview.md#packages-section