List view
- No due date•1/1 issues closed
BugFix 1.When creating release user wants to know accurate information in newly created release. Changed source code folder name and Source download URL updated in SW360 . 2.Different package ecosystems can contain components with the same name. To accurately identify each valid component, we use the package URL (purl) ID. Component release and update details are then created and updated in SW360.
Due by September 10, 2025•3/3 issues closedFeature: 1.Enhanced Package Identifier: Identify .NET Runtime Detection for Self-contained Projects and Chromium Component Warning with Extensible Suggestions. 2.Updated the CA Tool output via Spectre console. 3.Conan 2.0 package clearance support in clearing automation tool. 4.Cargo package clearance support in clearing automation tool. BugFix: 1.Identify source code and download for "azure storage blob" component. 2.Identify Maven packages from remote repository in Artifactory Uploader. 3.Identify NuGet packages and copied from remote repository to release repository in Artifactory Uploader. 4.If already exists releases not contain source code attachment, CA Tool not able to upload source code show the warning. 5.Identify right NuGet components from packages.config files, And created in Sw360.
Due by November 6, 2025•32/32 issues closed## BugFix - If the release already exists in SW360 and there is no attachment, then CA tool does not find the source code and attach it to the release. - Unable to download source code for certain NuGet packages, e.g., "NUnit.ConsoleRunner". - Artifactory uploader fails to copy certain packages to the siparty-release repository. - Unable to create the release in SW360, and triggers the fossology upload and fails. - Packages show that attachment is missing even when the status is report approved. - Update the message shown to the user when the retry attempt is triggered to get all releases. - ArtifactoryUploader doesn't write a log file after exception. - Prevent duplicate component creation based on Package URL (PURL) for Debian. - Duplicate properties are being created in the BOM. ## Feature - CA tool: update SW360 project name as an optional param; the name can be picked up from the project Id which is mandatory. - Import of SPDX SBoMs. ## Chore - Maintainability and open static code analysis for CA Tool, making it all to zero.
Due by August 13, 2025•18/18 issues closedFeature 1. Upgrade the CA Tool to support the latest CycloneDX SBOM schema (v1.6) with Siemens SBOM Standard version v3. 2. .NET Framework Detection and SBOM Enhancement BugFix 1. After the package is copied in the Artifactory uploader the JFrog package path is updated in SBOM. 2. If fossology-url is found in SW360 we updated that details in SBOM. 3. Initiating fossology process we are displaying Un-wanted message shown to the user in each run ,we removed that message. 4. While updating fossology url in sw360.user won't have enough permission to updating url its sending moderation request. Now we are displaying that message as warning.
Due by June 30, 2025•8/8 issues closedThis milestone focuses on stabilizing and finalizing version 8.0.0, addressing key chore tasks, feature enhancements, and bug fixes before the official release. Chores #### Feature - App settings redesign for Package Identifier , Component creator and Artifactory uploader - Implement CA Tool telemetry - Adding validation for the Fossology URL and its token validity in SW360 - HTTP retry logic for the request made from the tool - Decoupling the package identifier from sw360 and package identifier. #### Bug Fix - Handle null exceptions when initiating Telemetry for all exes. - Updated retry logic warning message for all apis and added Bad request condition for retry. - Initiate trigger fossology process when clearing state is sent to clearing. - Updated nuget build query for identifying nuget packages in jfrog repository. - When creating a Maven BOM file using the package identifier, the ?type=jar suffix is removed from the purl and bomref fields in the components. #### Chore - Adding UT for the pipeline artifact uploader class. - Refactoring the artifactory uploader. - SonarQube bugfixes - Code coverage to 80% - Adding a workflow which contains PR checks.
Due by May 16, 2025•39/39 issues closed