[jira] [Resolved] (BATIK-1391) Correct SCM URL in POM to point to GitHub

Simon Steiner (Jira) Tue, 09 Dec 2025 00:30:48 -0800


     [ 
https://issues.apache.org/jira/browse/BATIK-1391?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Simon Steiner resolved BATIK-1391.
----------------------------------
    Fix Version/s: main
       Resolution: Fixed

https://github.com/apache/xmlgraphics-batik/commit/dde4b40a5f2ab6ed2205319ba3401f1c59a1adbe

> Correct SCM URL in POM to point to GitHub
> -----------------------------------------
>
>                 Key: BATIK-1391
>                 URL: https://issues.apache.org/jira/browse/BATIK-1391
>             Project: Batik
>          Issue Type: Improvement
>          Components: Build Tools
>    Affects Versions: 1.19
>            Reporter: James Richardson
>            Assignee: Simon Steiner
>            Priority: Minor
>             Fix For: main
>
>
> [pom.xml|https://github.com/apache/xmlgraphics-batik/blob/main/pom.xml#L190] 
> contains the following:
> {code:xml}
>   <scm>
>     
> <connection>scm:svn:https://svn.apache.org/repos/asf/xmlgraphics/batik/trunk/</connection>
>     
> <url>scm:svn:https://svn.apache.org/repos/asf/xmlgraphics/batik/trunk/</url>
>     <developerConnection></developerConnection>
>   </scm>
> {code}
> This results in the source control URL in the Maven central repo pointing to 
> svn.apache.org (see 
> [https://central.sonatype.com/artifact/org.apache.xmlgraphics/batik-transcoder]).
> This is a problem for us because we generate an [SBOM|https://cyclonedx.org/] 
> from our Gradle build, and that SBOM will then contain this:
> {code:json}
>         {
>           "url" : 
> "scm:svn:https://svn.apache.org/repos/asf/xmlgraphics/batik/trunk/batik-transcoder/";,
>           "type" : "vcs"
>         }
> {code}
> That SBOM is then used (among other things) to do something called "OSS 
> Qualification", which assigns a score between 0 and 10 to each of our OSS 
> components, based on criteria such as: how many contributors it has, how 
> recently it was updated, etc..
> If the SBOM points to the old svn.apache.org repo, then our OSS Qualification 
> process can't carry out those checks on the Batik components. I think it must 
> only work on GitHub, and perhaps some other popular OSS repos - anything repo 
> that can give it the metrics it needs.
> I believe that if the SCM URL in the POM was updated to point to GitHub, then 
> we wouldn't need to work around this issue in our SBOM generation process or 
> our OSS Qualification process.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Resolved] (BATIK-1391) Correct SCM URL in POM to point to GitHub

Reply via email to