Review target
Add one focused parser-boundary fixture for a supported input format: CycloneDX, SPDX, requirements, or pyproject metadata.
Expected contribution
Provide:
- the smallest synthetic before/after inputs,
- the expected normalized component fields,
- the expected diff membership,
- a focused parser or diff test,
- a documentation update if the public boundary changes.
Done when
The fixture is deterministic, public-safe, and does not introduce hidden network access or a new unsupported format claim.
Boundaries
No real private manifests, internal package indexes, credentials, or claims about package safety.
Review target
Add one focused parser-boundary fixture for a supported input format: CycloneDX, SPDX, requirements, or pyproject metadata.
Expected contribution
Provide:
Done when
The fixture is deterministic, public-safe, and does not introduce hidden network access or a new unsupported format claim.
Boundaries
No real private manifests, internal package indexes, credentials, or claims about package safety.