Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bom-ref help text needs tweaking #616

Open
prabhu opened this issue Mar 28, 2025 · 3 comments
Open

bom-ref help text needs tweaking #616

prabhu opened this issue Mar 28, 2025 · 3 comments
Labels
defect
Milestone
1.7

Comments

@prabhu
Copy link
Contributor

prabhu commented Mar 28, 2025

bom-ref is a required attribute, so we need to remove the optional word from the description.

specification/schema/bom-1.6.schema.json

Line 3887 in d570ffb

"bom-ref",

specification/schema/bom-1.6.schema.json

Line 3895 in d570ffb

"description": "An optional identifier which can be used to reference the workflow elsewhere in the BOM. Every bom-ref must be unique within the BOM.\nValue SHOULD not start with the BOM-Link intro 'urn:cdx:' to avoid conflicts with BOM-Links.",

specification/schema/bom-1.6.schema.json

Line 4207 in d570ffb

"bom-ref",

specification/schema/bom-1.6.schema.json

Line 4214 in d570ffb

"description": "An optional identifier which can be used to reference the workspace elsewhere in the BOM. Every bom-ref must be unique within the BOM.\nValue SHOULD not start with the BOM-Link intro 'urn:cdx:' to avoid conflicts with BOM-Links.",

I think in 1.7 we can think of externalizing the help texts and referring to them with short codes. That way the description will be consistent and could be internationalized. Whether an attribute is required or not could be determined entirely from the required array.
@jkowalleck
Copy link
Member

is removing the word "optional" not enough? is it really required in the help test, @stevespringett ?

@jkowalleck jkowalleck added this to the 1.7 milestone Mar 28, 2025
@stevespringett
Copy link
Member

Lets just remove the word optional in this case.

@prabhu
Copy link
Contributor Author

prabhu commented Mar 29, 2025

More instance (found with cdxgenGPT!):

specification/schema/bom-1.6.schema.json

Line 4039 in d570ffb

"description": "An optional identifier which can be used to reference the task elsewhere in the BOM. Every bom-ref must be unique within the BOM.\nValue SHOULD not start with the BOM-Link intro 'urn:cdx:' to avoid conflicts with BOM-Links.",

specification/schema/bom-1.6.schema.json

Line 4363 in d570ffb

"description": "An optional identifier which can be used to reference the trigger elsewhere in the BOM. Every bom-ref must be unique within the BOM.\nValue SHOULD not start with the BOM-Link intro 'urn:cdx:' to avoid conflicts with BOM-Links.", 

I have uploaded the cyclonedx json schema. I am looking for mistakes in the description text where the word "optional" is used while the attribute is part of the required array. Couple of examples: `workflow.bom-ref` attribute has the description beginning with "An optional identifier", while bom-ref is part of the required array 

json
"required": [
        "bom-ref",
        "uid",
        "taskTypes"
      ]

Similar mistake could also be found for `workspace.bom-ref`. Can you review the attached file and find other attributes with similar issues in description text?

Image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
defect
Projects
None yet
Milestone
1.7
Development

No branches or pull requests
3 participants
@prabhu @jkowalleck @stevespringett