Bom-ref vs. bom-id? #671
andreas-hilti
started this conversation in
Ideas, Proposals, RFCs
Bom-ref vs. bom-id?
#671
Replies: 1 comment 2 replies
-
|
@stevespringett FYI |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
I wouldn't mind having the additional clarity. Thanks for the suggestion. Will consider for 2.0. |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I'm wondering about the identifier "bom-ref": shouldn't this rather be called "bom-id"?
If you look at the description https://cyclonedx.org/docs/1.6/json/#components_items_bom-ref
For me, the component has an identifier (which I'd rather call "bom-id"), and this bom-id is then referenced in other places, e.g. in dependencies https://cyclonedx.org/docs/1.6/json/#dependencies_items_ref
which should rather be:
Only where it is used/referenced, this is actually a reference.
Could this be considered for CycloneDX 2.0?
For me, the main benefit would be clarity and alignment with standard usage of the term "reference".
Beta Was this translation helpful? Give feedback.
All reactions