Skip to content

Commit

Permalink
fix(sbom): don't overwrite srcEpoch when decoding SBOM files [backp…
Browse files Browse the repository at this point in the history 
…ort: release/v0.52] (#6881)

Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
  • Loading branch information
@aqua-bot @DmitriyLewen
aqua-bot and DmitriyLewen authored Jun 7, 2024
1 parent 093c0ae commit f186d22
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions pkg/sbom/io/decode.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -271,6 +271,11 @@ func (m *Decoder) fillSrcPkg(c *core.Component, pkg *ftypes.Package) {
}
m.parseSrcVersion(pkg, c.SrcVersion)

// Source info was added from component or properties
if pkg.SrcName != "" && pkg.SrcVersion != "" {
return
}

// Fill source package information for components in third-party SBOMs .
if pkg.SrcName == "" {
pkg.SrcName = pkg.Name
Expand Down

0 comments on commit f186d22

Please sign in to comment.