Skip to content

Parser gap wanted: add one deterministic SBOM or manifest boundary fixture #104

Description

@stacknil

Review target

Add one focused parser-boundary fixture for a supported input format: CycloneDX, SPDX, requirements, or pyproject metadata.

Expected contribution

Provide:

  • the smallest synthetic before/after inputs,
  • the expected normalized component fields,
  • the expected diff membership,
  • a focused parser or diff test,
  • a documentation update if the public boundary changes.

Done when

The fixture is deterministic, public-safe, and does not introduce hidden network access or a new unsupported format claim.

Boundaries

No real private manifests, internal package indexes, credentials, or claims about package safety.

Metadata

Metadata

Assignees

No one assigned

    Labels

    help wantedExtra attention is neededpythonPull requests that update python code

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions