Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SPDX in-toto specification does not include version in predicateType #199

Closed
danbev opened this issue Apr 12, 2023 · 1 comment
Closed

SPDX in-toto specification does not include version in predicateType #199

danbev opened this issue Apr 12, 2023 · 1 comment
Assignees
@danbev

Comments

@danbev
Copy link
Contributor

danbev commented Apr 12, 2023
edited
Loading

The in-toto spdx schema/spec does not include the version in the predicateType and forces consumers to parse the predicate and read the value of spdxVersion. It would be nice to have the version included in the predicateType to avoid this. This was something that was discussed when adding the CycloneDX attestation specification to in-toto with the same motivation.

This issue could open a pull request to suggest adding the version to the predicateType.
@danbev danbev self-assigned this Apr 12, 2023
@danbev
Copy link
Contributor Author

danbev commented Apr 12, 2023

The linked PR has been merged so closing this issue.

@danbev danbev closed this as completed Apr 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danbev danbev

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@danbev