diff --git a/pom.xml b/pom.xml
index 7c8bd17..0ad1c5d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -120,17 +120,17 @@
org.spdx
java-spdx-library
- 2.0.0-RC1
+ 2.0.0-RC2
org.spdx
spdx-rdf-store
- 2.0.0-RC1
+ 2.0.0-RC2
org.spdx
spdx-jackson-store
- 2.0.0-RC1
+ 2.0.0-RC2
org.apache.ws.xmlschema
@@ -140,12 +140,12 @@
org.spdx
spdx-spreadsheet-store
- 2.0.0-RC1
+ 2.0.0-RC2
org.spdx
spdx-tagvalue-store
- 2.0.0-RC1
+ 2.0.0-RC2
com.networknt
@@ -161,7 +161,7 @@
org.spdx
spdx-v3jsonld-store
- 1.0.0-RC2
+ 1.0.0-RC3
org.apache.poi
@@ -175,12 +175,6 @@
5.2.0
compile
-
- org.spdx
- spdx-rdf-store
- 2.0.0-RC1
- compile
-
diff --git a/src/main/java/org/spdx/tools/SpdxConverter.java b/src/main/java/org/spdx/tools/SpdxConverter.java
index 765d230..aeb500e 100644
--- a/src/main/java/org/spdx/tools/SpdxConverter.java
+++ b/src/main/java/org/spdx/tools/SpdxConverter.java
@@ -143,7 +143,6 @@ public static void convert(String fromFilePath, String toFilePath) throws SpdxCo
* @param toFilePath Path of output file for the conversion
* @param fromFileType Serialization type of the file to convert from
* @param toFileType Serialization type of the file to convert to
- * @param excludeLicenseDetails If true, don't copy over properties of the listed licenses
* @throws SpdxConverterException
*/
public static void convert(String fromFilePath, String toFilePath, SerFileType fromFileType,
@@ -293,7 +292,7 @@ private static void copyV2ToV3(ISerializableModelStore fromStore,
CreationInfo defaultCreationInfo = Spdx2to3Converter.convertCreationInfo(fromDoc.getCreationInfo(),
toStore, toUriPrefix);
Spdx2to3Converter converter = new Spdx2to3Converter(toStore, copyManager, defaultCreationInfo,
- SpdxModelFactory.getLatestSpecVersion(), toUriPrefix);
+ SpdxModelFactory.getLatestSpecVersion(), toUriPrefix, !excludeLicenseDetails);
converter.convertAndStore(fromDoc);
// Make sure we get all files, packages and snippets - any relationships and annotations will be copied
// as properties. Note that the conversion of the document should already have been copied.
diff --git a/src/main/java/org/spdx/tools/Verify.java b/src/main/java/org/spdx/tools/Verify.java
index 84b9a59..de421f2 100644
--- a/src/main/java/org/spdx/tools/Verify.java
+++ b/src/main/java/org/spdx/tools/Verify.java
@@ -128,10 +128,9 @@ public static void main(String[] args) {
* @param filePath File path to the SPDX file to be verified
* @param fileType
* @return A list of verification errors - if empty, the SPDX file is valid
- * @throws InvalidFileNameException
- * @throws IOException
- * @throws SpdxVerificationException
- * @throws Errors where the SPDX file can not be parsed or the filename is invalid
+ * @throws InvalidFileNameException on invalid file name or file not found
+ * @throws IOException on IO error
+ * @throws SpdxVerificationException where the SPDX file can not be parsed or the filename is invalid
*/
public static List verify(String filePath, SerFileType fileType) throws SpdxVerificationException {
Objects.requireNonNull(filePath);
diff --git a/src/main/java/org/spdx/tools/compare/DocumentSheet.java b/src/main/java/org/spdx/tools/compare/DocumentSheet.java
index bcbb8d2..b0e2a1a 100644
--- a/src/main/java/org/spdx/tools/compare/DocumentSheet.java
+++ b/src/main/java/org/spdx/tools/compare/DocumentSheet.java
@@ -394,7 +394,6 @@ private void setCellEqualValue(Cell cell) {
}
/**
- * @param docNames
* @throws SpdxCompareException
* @throws InvalidSPDXAnalysisException
*/
diff --git a/src/main/java/org/spdx/tools/compare/MultiDocumentSpreadsheet.java b/src/main/java/org/spdx/tools/compare/MultiDocumentSpreadsheet.java
index 7aefc16..dedd571 100644
--- a/src/main/java/org/spdx/tools/compare/MultiDocumentSpreadsheet.java
+++ b/src/main/java/org/spdx/tools/compare/MultiDocumentSpreadsheet.java
@@ -427,7 +427,7 @@ public void importVerificationErrors(
}
/**
- * @throws AnalyzeException
+ * @throws SpreadsheetException
*
*/
public void close() throws SpreadsheetException {
diff --git a/src/test/java/org/spdx/tools/SpdxConverterTestV3.java b/src/test/java/org/spdx/tools/SpdxConverterTestV3.java
index 5a55663..608a23e 100644
--- a/src/test/java/org/spdx/tools/SpdxConverterTestV3.java
+++ b/src/test/java/org/spdx/tools/SpdxConverterTestV3.java
@@ -12,6 +12,7 @@
import java.nio.file.Path;
import java.util.List;
import java.util.Objects;
+import java.util.Optional;
import org.junit.After;
import org.junit.Before;
@@ -20,6 +21,7 @@
import org.spdx.library.ModelCopyManager;
import org.spdx.library.SpdxModelFactory;
import org.spdx.library.model.v3_0_1.core.Element;
+import org.spdx.library.model.v3_0_1.core.NamespaceMap;
import org.spdx.library.model.v3_0_1.core.SpdxDocument;
import org.spdx.library.model.v3_0_1.software.SpdxFile;
import org.spdx.library.model.v3_0_1.software.SpdxPackage;
@@ -106,6 +108,12 @@ public void testV2JsonToV3JsonLD() throws SpdxConverterException, InvalidSPDXAna
assertEquals(sourcePackage.getName().get(), resultPackage.getName().get());
assertEquals(sourceFile.getName().get(), resultFile.getName().get());
+
+ assertEquals(1, resultDoc.getNamespaceMaps().size());
+ Optional map = resultDoc.getNamespaceMaps().stream().findFirst();
+ assertTrue(map.isPresent());
+ assertEquals("http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301#", map.get().getNamespace());
+ assertEquals("DocumentRef-spdx-tool-1.2", map.get().getPrefix());
// TODO: create a more extensive set of checks
}
diff --git a/src/test/java/org/spdx/tools/VerifyTest.java b/src/test/java/org/spdx/tools/VerifyTest.java
index aa11ba0..7b2f627 100644
--- a/src/test/java/org/spdx/tools/VerifyTest.java
+++ b/src/test/java/org/spdx/tools/VerifyTest.java
@@ -30,6 +30,7 @@ public class VerifyTest extends TestCase {
static final String TEST_YAML_FILE_PATH = TEST_DIR + File.separator + "SPDXYAMLExample-2.3.spdx.yaml";
static final String TEST_WARNING_FILE_PATH = TEST_DIR + File.separator + "SPDXTagExample-v2.2-warning.spdx";
static final String BAD_JSON_FILE_PATH = TEST_DIR + File.separator + "BadJSON.spdx.json";
+ static final String DOUBLE_JSON_LD_FILE_PATH = TEST_DIR + File.separator + "double.jsonld";
protected void setUp() throws Exception {
super.setUp();
@@ -44,7 +45,7 @@ protected void tearDown() throws Exception {
public void testUpsupportedVersionFields() throws SpdxVerificationException {
List result = Verify.verify(TEST_V23_FIELDS_IN_V22_FILE, SerFileType.JSON);
- assertTrue(result.size() > 0);
+ assertFalse(result.isEmpty());
}
public void testVerifyTagFile() throws SpdxVerificationException {
@@ -72,13 +73,13 @@ public void testVerify() throws SpdxVerificationException {
public void testVerifyWarning() throws SpdxVerificationException {
List result = Verify.verify(TEST_WARNING_FILE_PATH, SerFileType.TAG);
- assertTrue(result.size() > 0);
+ assertFalse(result.isEmpty());
assertTrue(result.get(0).contains("deprecated"));
}
public void testVerifyBadJSON() throws SpdxVerificationException {
List result = Verify.verify(BAD_JSON_FILE_PATH, SerFileType.JSON);
- assertTrue(result.size() == 4);
+ assertEquals(4, result.size());
}
public void testVerifyJsonLD() throws SpdxVerificationException {
@@ -89,10 +90,15 @@ public void testVerifyJsonLD() throws SpdxVerificationException {
// Test specific spec versions for the JSON format
public void testVerifyJSONVersion() throws SpdxVerificationException {
List result = Verify.verify(JSON_V2_2_FILE_PATH, SerFileType.JSON);
- assertTrue(result.size() == 0);
+ assertEquals(0, result.size());
result = Verify.verify(JSON_V2_3_FILE_PATH, SerFileType.JSON);
- assertTrue(result.size() == 0);
+ assertEquals(0, result.size());
result = Verify.verify(JSON_BAD_VERSION_FILE_PATH, SerFileType.JSON); // a 2.3 version syntax with a 2.2 specversion
- assertTrue(result.size() > 0);
+ assertFalse(result.isEmpty());
+ }
+
+ public void testVerifyDouble() throws SpdxVerificationException {
+ List result = Verify.verify(DOUBLE_JSON_LD_FILE_PATH, SerFileType.JSONLD);
+ assertEquals(0, result.size());
}
}
diff --git a/testResources/double.jsonld b/testResources/double.jsonld
new file mode 100644
index 0000000..708fdb3
--- /dev/null
+++ b/testResources/double.jsonld
@@ -0,0 +1,122 @@
+{
+ "@context": "https://spdx.org/rdf/3.0.1/spdx-context.jsonld",
+ "@graph": [
+ {
+ "type": "Organization",
+ "spdxId": "SPDXRef-MyOrganization:-73f9a129-5eea-4de8-b38b-96832cc72d57",
+ "name": "MyOrganization",
+ "creationInfo": "_:creationinfo"
+ },
+ {
+ "type": "CreationInfo",
+ "@id": "_:creationinfo",
+ "specVersion": "3.0.1",
+ "createdBy": [
+ "SPDXRef-MyOrganization:-73f9a129-5eea-4de8-b38b-96832cc72d57"
+ ],
+ "created": "2025-01-07T07:01:21Z"
+ },
+ {
+ "type": "SpdxDocument",
+ "spdxId": "SPDXRef-Document:-8b2134c3-1472-48c3-bbd9-53cdef129f09",
+ "creationInfo": "_:creationinfo",
+ "dataLicense": "SPDXRef-License:-DataLicenseCC1.0",
+ "profileConformance": [
+ "core",
+ "software",
+ "security",
+ "simpleLicensing"
+ ],
+ "rootElement": [
+ "BOM:ROOT"
+ ]
+ },
+ {
+ "type": "simplelicensing_LicenseExpression",
+ "spdxId": "SPDXRef-License:-DataLicenseCC1.0",
+ "name": "Data License CC 1.0",
+ "description": "Refer to this element if another element's data license is CC 1.0",
+ "creationInfo": "_:creationinfo",
+ "simplelicensing_licenseExpression": "CC-BY-1.0"
+ },
+ {
+ "type": "simplelicensing_LicenseExpression",
+ "spdxId": "SPDXRef-License:-NoAssertion",
+ "name": "NoAssertion",
+ "description": "Refer to this element if another element's license can't be asserted.",
+ "creationInfo": "_:creationinfo",
+ "simplelicensing_licenseExpression": "NOASSERTION"
+ },
+ {
+ "type": "software_Package",
+ "spdxId": "SPDX-ID:-73fde02b-0fda-50b2-ad2e-a219f85c7ce4",
+ "creationInfo": "_:creationinfo",
+ "name": "An example software",
+ "originatedBy": [
+ "Organization: An example organization"
+ ],
+ "software_copyrightText": "NOASSERTION",
+ "software_primaryPurpose": "application",
+ "description": "This is an example software"
+ },
+ {
+ "type": "security_Vulnerability",
+ "spdxId": "SPDXRef-Vulnerability:-CVE-2016-4285",
+ "name": "CVE-2016-4285",
+ "creationInfo": "_:creationinfo",
+ "externalIdentifier": [
+ {
+ "type": "ExternalIdentifier",
+ "externalIdentifierType": "cve",
+ "identifier": "CVE-2016-4285",
+ "identifierLocator": [
+ "https://nvd.nist.gov/vuln/detail/CVE-2016-4285"
+ ]
+ }
+ ]
+ },
+ {
+ "type": "security_CvssV3VulnAssessmentRelationship",
+ "spdxId": "SPDXRef-CVSSAssessment:-CVE-2016-4285",
+ "creationInfo": "_:creationinfo",
+ "relationshipType": "hasAssessmentFor",
+ "security_score": "8.8",
+ "security_severity": "high",
+ "security_vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "from": "SPDXRef-Vulnerability:-CVE-2016-4285",
+ "to": [
+ "SPDX-ID:-73fde02b-0fda-50b2-ad2e-a219f85c7ce4"
+ ]
+ },
+ {
+ "type": "security_VexAffectedVulnAssessmentRelationship",
+ "spdxId": "SPDXRef-VexAffectedRelationship:-CVE-2016-4285",
+ "creationInfo": "_:creationinfo",
+ "relationshipType": "affects",
+ "security_actionStatement": "no_assertion",
+ "from": "SPDXRef-Vulnerability:-CVE-2016-4285",
+ "to": [
+ "SPDX-ID:-73fde02b-0fda-50b2-ad2e-a219f85c7ce4"
+ ]
+ },
+ {
+ "type": "software_Sbom",
+ "spdxId": "BOM:ROOT",
+ "creationInfo": "_:creationinfo",
+ "software_sbomType": [
+ "analyzed"
+ ],
+ "rootElement": [
+ "SPDX-ID:-73fde02b-0fda-50b2-ad2e-a219f85c7ce4"
+ ],
+ "element": [
+ "SPDXRef-License:-DataLicenseCC1.0",
+ "SPDXRef-License:-NoAssertion",
+ "SPDX-ID:-73fde02b-0fda-50b2-ad2e-a219f85c7ce4",
+ "SPDXRef-Vulnerability:-CVE-2016-4285",
+ "SPDXRef-CVSSAssessment:-CVE-2016-4285",
+ "SPDXRef-VexAffectedRelationship:-CVE-2016-4285"
+ ]
+ }
+ ]
+}
\ No newline at end of file