fossa-cli
Parsing of RPM 'Requires' is incorrect when a single line has comma-separated values
As per https://rpm-packaging-guide.github.io/#what-is-a-spec-file, Requires is
"A comma- or whitespace-separated list of packages required by the software to run once installed"
When parsing a project with a spec that contains a single line: `Requires: openssl, sqlite`, I would expect 2 dependencies to be identified. Instead, just a single dependency of `openssl,` (note trailing comma) is found.
# fossa -V
spectrometer: version 2.9.0 (revision bbe1cd5fc4c1 compiled with ghc-8.10)
Output from fossa analyze --output:
[ INFO] Analyzing rpm project at /source/alclient/rpm/
{"projects":[{"graph":{"assocs":[],"direct":[0],"deps":[{"version":null,"name":"openssl,","tags":{},"locations":[],"type":"RPMType"}]},"type":"rpm","path":"/source/alclient/rpm/"}],"sourceUnits":[{"Build":{"Dependencies":[{"imports":[],"locator":"rpm+openssl,$"}],"Imports":["rpm+openssl,$"],"Succeeded":true,"Artifact":"default"},"Manifest":"/source/alclient/rpm/","Name":"/source/alclient/rpm/","AdditionalDependencyData":null,"Type":"rpm"}]}
Hi @neil-greenwood - fyi, I will be transferring this issue to fossa-cli repository, as spectrometer code is migrated to fossa-cli for all future development. ANE-338 in our internal tracker.