oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: allow cyclonedx json input with no components (#2127)

Browse Source 
Signed-off-by: Ahmet Taha Özdemir <me@ahoz.de>
This commit is contained in:
Ahmet Taha 2023-09-13 19:14:14 +02:00 committed by GitHub
parent c21b16d924
commit 5035d9ca1a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
syft/formats/common/cyclonedxhelpers/decoder.go
View File

@ -27,7 +27,8 @@ func GetValidator(format cyclonedx.BOMFileFormat) sbom.Validator {
} }
xmlWithoutNS := format == cyclonedx.BOMFileFormatXML && !strings.Contains(bom.XMLNS, cycloneDXXmlSchema) xmlWithoutNS := format == cyclonedx.BOMFileFormatXML && !strings.Contains(bom.XMLNS, cycloneDXXmlSchema)
if (cyclonedx.BOM{} == *bom || bom.Components == nil || xmlWithoutNS) { xmlWithoutComponents := format == cyclonedx.BOMFileFormatXML && bom.Components == nil
if (cyclonedx.BOM{} == *bom || xmlWithoutComponents || xmlWithoutNS) {
return fmt.Errorf("not a valid CycloneDX document") return fmt.Errorf("not a valid CycloneDX document")
} }
return nil return nil