Include author for components when available in Cargo metadata #770
Conversation
Signed-off-by: David Smitmanis <[email protected]>
|
I see v1.6 has deprecated the @davids-work what is the motivation for listing the authors like this? Do you need to meet some regulations that require the authors to be listed? |
|
Indeed, or at least the internal interpretation of the regulation(s) that we need to fulfill is that we must include the author field for every dependency. I don't think that there are any rules for the exact formatting (comma-separated or otherwise) in case of multiple authors. I note that the v1.4 spec says "The person(s) or organization(s) that authored the component", so the spec writers seems to at least have had the notion that there might be multiple authors involved. |
|
That seems reasonable to me. Do the best we can in 1.4/1.5 and switch to the better format in 1.6. We could ask in the CycloneDX Slack if there are any preferences....I did a quick search and didn't find anything but I might have missed something. |
No description provided.