Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proposal to implement Maven CycloneDX Property Taxonomy #68

Open
karthika-g opened this issue Jul 27, 2023 · 6 comments
Open

Proposal to implement Maven CycloneDX Property Taxonomy #68

karthika-g opened this issue Jul 27, 2023 · 6 comments

Comments

@karthika-g
Copy link

Hi,

This is a proposal to add a new Namespace for Maven under cdx namespace.
For example something like cdx:maven similar to npm.

With this a property to specify the scope of the dependency scope. i.e https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#dependency-scope
which can be repreented as cdx:maven:package:scope
@jkowalleck
Copy link
Member

jkowalleck commented Jul 27, 2023
edited
Loading

caused by CycloneDX/cyclonedx-maven-plugin#384

@hboutemy what is your opinion on the new namespace?

@jkowalleck
Copy link
Member

would somebody draft a pullrequest for the new namespace?
See the existing ones for examples: https://github.com/CycloneDX/cyclonedx-property-taxonomy/tree/main/cdx

we then could discuss changes and additions in the opened pulrequest.

@hboutemy
Copy link

We already have created a few properties in previous cyclonedx-maven-plugin without making them formal: I'll need to formalize existing ones
and new ones need to be created immediately in the official taxonomy
I'll have a look next week, I'm busy for now...

@jkowalleck
Copy link
Member

Great. Looking forward to merging your pullrequest. :D

hboutemy added a commit to hboutemy/cyclonedx-property-taxonomy that referenced this issue Jul 31, 2023
@hboutemy
init maven taxonomy with existing properties
a6582f5 
fixes CycloneDX#68

Signed-off-by: Hervé Boutemy <hboutemy@apache.org>
@hboutemy hboutemy mentioned this issue Jul 31, 2023
Closed
hboutemy added a commit to hboutemy/cyclonedx-property-taxonomy that referenced this issue Aug 22, 2023
@hboutemy
init maven taxonomy with existing properties
7b80e70 
fixes CycloneDX#68

Signed-off-by: Hervé Boutemy <hboutemy@apache.org>
@prabhu
Copy link

prabhu commented Apr 17, 2024

Maven plugin seems to be using a maven: prefix.

https://github.com/CycloneDX/cyclonedx-maven-plugin/blob/925b04fdd74e4e412e1cc06d7fad9e7a102e329c/src/main/java/org/cyclonedx/maven/BaseCycloneDxMojo.java#L331

https://github.com/CycloneDX/cyclonedx-property-taxonomy

"properties" : [
      {
        "name" : "maven.goal",
        "value" : "makeAggregateBom"
      },
      {
        "name" : "maven.scopes",
        "value" : "compile,provided,runtime,system,test"
      }
    ]

@jkowalleck
Copy link
Member

see discussion here: #69

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

init cdx:maven taxonomy with existing properties hboutemy/cyclonedx-property-taxonomy
4 participants
@prabhu @hboutemy @jkowalleck @karthika-g