Cannot deserialize value of type org.cyclonedx.model.component.evidence.Identity
#4402
Unanswered
JoergBruenner
asked this question in
Q&A
Replies: 1 comment
-
|
Hi @JoergBruenner, your SBOM uses version 1.6 of the CycloneDX specification. The model differs concerning the
See https://cyclonedx.org/docs/1.6/json/#tab-pane_components_items_evidence_identity_oneOf_i0 Your SBOM (1.6) contains an array for |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi,
I'm running v. 4.11.3. It runs in an error importing a SBoM:
Caused by: com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot deserialize value of type
org.cyclonedx.model.component.evidence.Identityfrom Array value (tokenJsonToken.START_ARRAY)at [Source: (byte[])"{
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"serialNumber": "urn:uuid:e6eb9fcc-63ef-407f-927b-446d86025aab",
"version": 1,
"metadata": {
"timestamp": "2024-11-22T13:35:42Z",
"tools": {
"components": [{
"group": "@CycloneDX",
"name": "cdxgen",
"version": "11.0.3",
"purl": "pkg:npm/cyclonedx/[email protected]",
"type": "application",
"[truncated 56798 bytes]; line: 57, column: 29] (through reference chain: org.cyclonedx.model.Bom["components"]->java.util.ArrayList[0]->org.cyclonedx.model.Component["evidence"]->org.cyclonedx.model.Evidence["identity"])
Position (57,29') is the '[' in the "identity": [{ line:
"components": [{
"group": "ojdbc7",
"name": "ojdbc7",
"version": "12.1.0.2.0",
"purl": "pkg:maven/ojdbc7/[email protected]?type=jar",
"type": "library",
"bom-ref": "pkg:maven/ojdbc7/[email protected]?type=jar",
"evidence": {
"identity": [{
"field": "purl",
"confidence": 0.5,
"methods": [{
"technique": "filename",
"confidence": 0.5,
"value": "ojdbc7.jar"
}
]
}
]
},
The first look in CycloneDX spec didn't help: The identity object seems to be fine.
What's wrong?
Thanks a lot for your help
Jörg
Beta Was this translation helpful? Give feedback.
All reactions