cyclonedx-python icon indicating copy to clipboard operation
cyclonedx-python copied to clipboard
verified publisher icon CycloneDX

feat!: don't "fix" licenses if not needed #995

Open Rohankaf opened this issue 2 months ago • 3 comments

Previously, the licenses_fixup function would always "fix" licenses even if they were already compliant. With CycloneDX 1.7, this is no longer needed.

This change:

  • Leaves compliant components untouched.
  • Moves only mixed licenses (expression + named) to evidence.
  • Avoids unnecessary modifications to license data.
  • fixes #995

Rohankaf avatar Nov 18 '25 00:11 Rohankaf

this current "patch" does not solve anything relkated to #995

jkowalleck avatar Nov 18 '25 09:11 jkowalleck

Hello @Rohankaf , I noticed you are quite new to contributing to open source.

I converted your pull request to "draft", since it is not ready in its current state.

  1. it does not address the topic of the ticket it is supposed to fix
  2. it has failing tests
  3. it does follow our contribution guideline https://github.com/CycloneDX/cyclonedx-python?tab=readme-ov-file#contributing

please address the previously mentioned things. Let me know, if you need any guidance or mentoring.

jkowalleck avatar Nov 18 '25 09:11 jkowalleck

i see you opened another PR: #997

there is no need to create a new branch and open a new PR. the usual processes to improve the existing feature branch and the pull request will update automatically. This way, the communication logs are kept in tact.

jkowalleck avatar Nov 20 '25 10:11 jkowalleck