swid-maven-plugin generates tag file with missing attributes #20

Open
@aalmiray

Following the instructions at https://pages.nist.gov/swid-tools/swid-maven-plugin/ with v.0.7.0 of the plugin results in a tag file such as:

<?xml version="1.0" encoding="UTF-8"?>
<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xml:lang="en-US" name="app" tagId="test.jreleaser-app-1.0.0" tagVersion="1" version="1.0.0" versionScheme="multipartnumeric">
  <Entity name="National Institute of Standards and Technology" role="tagCreator softwareCreator" regid="nist.gov" />
  <Payload xmlns:SHA-256="http://www.w3.org/2001/04/xmlenc#sha256" xmlns:SHA-512="http://www.w3.org/2001/04/xmlenc#sha512">
    <Directory name="..">
      <Directory name="app-1.0.0">
        <Directory name="bin">
          <File name="app" size="3673" SHA-512:hash="c5610260171cae1fffeb6345b3ddd67265f7d7eb6abb06e32f108983daf9be4b88b96547947b6a5989a3fdcd67e3bd89614302d20e583ca6e17f202e34c46e52" SHA-256:hash="c99a8c543312f89660d83625ca1e20f0ba410740224ebf616211636ba0d0264e" />
          <File name="app.bat" size="3161" SHA-512:hash="7c528293394c4266296552de8081612b1a990f6225995025babeb0ad29e6381b733185f7e12d127e868c2c87f220138a24e4d785d16379963bee1abeab6160da" SHA-256:hash="268f38113556b5c3ef1dfe12a2ceef05299aa1fda6a8e3982ca2afe7e3c19d4a" />
        </Directory>
        <Directory name="lib">
          <File name="app-1.0.0.jar" size="4525" SHA-512:hash="2531e760c444b412d67adde51623f7378e347eb9fbe7752af774ab647dac053dbf831975bb3500f4e02de35236d4f4820f9da7ce709bdb37a4ae005e5c25e6cd" SHA-256:hash="836918d061c6a5fd76b8d06b302b4b506208d6e7a14bd329aa98bd1ee9445617" />
        </Directory>
      </Directory>
    </Directory>
  </Payload>
</SoftwareIdentity>

When validating this tag file with swidval I get the following:

2024-01-22 13:40:25 INFO  Validating tag: target/distributions/app/app-1.0.0/SWIDTAG/swid-tag.xml
2024-01-22 13:40:25 INFO    tag type: primary
2024-01-22 13:40:25 INFO    authoritative tag: true
2024-01-22 13:40:26 INFO  Creating a schema assessment for derived requirement: GEN-1-1
2024-01-22 13:40:26 INFO  [1]Creating a Schematron assessment using schematron 'classpath:schematron/swid-nistir-8060.sch' with phase 'swid.primary.auth'
2024-01-22 13:40:26 INFO  Loading requirements from: classpath:requirements.xml
2024-01-22 13:40:26 INFO  Starting assessment execution
2024-01-22 13:40:26 INFO  Submitting assessment for execution: [0]XML Schema: classpath:schema/swid-schema-fixed-20160908.xsd
2024-01-22 13:40:26 INFO  Submitting assessment for execution: [1]Schematron: classpath:schematron/swid-nistir-8060.sch(swid.primary.auth)
2024-01-22 13:40:26 INFO  Executing assessment: [0]XML Schema: classpath:schema/swid-schema-fixed-20160908.xsd
2024-01-22 13:40:26 INFO  Executing assessment: [1]Schematron: classpath:schematron/swid-nistir-8060.sch(swid.primary.auth)
2024-01-22 13:40:26 INFO  Assessment completed: [0]XML Schema
2024-01-22 13:40:26 INFO  [0]XML Schema: Checked 1 derived requirements with 1 PASS, 0 WARNING, 0 FAIL, and 0 INFORMATIONAL
2024-01-22 13:40:26 ERROR GEN-22-1: The &lt;Payload&gt; element does not provide a @n8060:pathSeparator attribute.
2024-01-22 13:40:26 ERROR GEN-23-1: The &lt;Payload&gt; element does not provide a @n8060:envVarPrefix attribute.
2024-01-22 13:40:26 ERROR GEN-24-1: The &lt;Payload&gt; element does not provide a @n8060:envVarSuffix attribute.
2024-01-22 13:40:26 ERROR GEN-15-1: The &lt;File&gt; element with the @name 'app' does not provide a @version attribute.
2024-01-22 13:40:26 ERROR GEN-15-1: The &lt;File&gt; element with the @name 'app.bat' does not provide a @version attribute.
2024-01-22 13:40:26 ERROR GEN-15-1: The &lt;File&gt; element with the @name 'app-1.0.0.jar' does not provide a @version attribute.
2024-01-22 13:40:26 ERROR PRI-13-1: The &lt;Meta&gt; element was not provided.
2024-01-22 13:40:26 INFO  Assessment completed: [1]Schematron
2024-01-22 13:40:26 INFO  [1]Schematron: Checked 40 derived requirements with 33 PASS, 0 WARNING, 5 FAIL, and 2 INFORMATIONAL
2024-01-22 13:40:26 INFO  Assessment execution completed
2024-01-22 13:40:26 INFO  Compiling assessment results
2024-01-22 13:40:26 INFO  Checked 36 derived requirements having 31 PASS, 5 WARNING, 0 FAIL, and 0 INFORMATIONAL results
2024-01-22 13:40:26 INFO  Checked 20 base requirements having 15 PASS, 5 WARNING, 0 FAIL, and 0 INFORMATIONAL results
2024-01-22 13:40:26 INFO  The target is valid
2024-01-22 13:40:26 INFO  Storing assessment results to: validation-result.xml
2024-01-22 13:40:26 INFO  Generating HTML report to: validation-report.html

Failures (reported as warnings) found in the HTML report are:

  • Every <File> element provided within a <Payload> or <Evidence> element MUST provide a @version attribute.
  • The <File> element with the @name 'app' does not provide a @version attribute.
  • The <File> element with the @name 'app.bat' does not provide a @version attribute.
  • The <File> element with the @name 'app-1.0.0.jar' does not provide a @version attribute.
  • A <Payload> or <Evidence> element SHOULD provide a @n8060:pathSeparator attribute.
  • The <Payload> element does not provide a @n8060:pathSeparator attribute.
  • A <Payload> or <Evidence> element SHOULD provide a @n8060:envVarPrefix attribute.
  • The <Payload> element does not provide a @n8060:envVarPrefix attribute.
  • A <Payload> or <Evidence> element SHOULD provide a @n8060:envVarSuffix attribute.
  • The <Payload> element does not provide a @n8060:envVarSuffix attribute.
  • A <Meta> element MUST be provided, if appropriate values exist and can be determined for the @product, @colloquialVersion, @revision, and @edition attributes.
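
The five failed rules above can be reproduced as a pre-publication check on generated tags. The following is an added example, not part of the original issue and not swidval or swid-maven-plugin code; the n8060 namespace URI is taken from NISTIR 8060 rather than from this page, and the sample tag is the one from the issue with hash attributes omitted.

```python
import xml.etree.ElementTree as ET

SWID = "http://standards.iso.org/iso/19770/-2/2015/schema.xsd"
# Assumption: NISTIR 8060 extension namespace; it does not appear in the issue.
N8060 = "http://csrc.nist.gov/ns/swid/2015-extensions/1.0"

# Constructed sample: the tag from the issue, hash attributes omitted for brevity.
SAMPLE_TAG = """<SoftwareIdentity xmlns="http://standards.iso.org/iso/19770/-2/2015/schema.xsd" xml:lang="en-US" name="app" tagId="test.jreleaser-app-1.0.0" tagVersion="1" version="1.0.0" versionScheme="multipartnumeric">
  <Entity name="National Institute of Standards and Technology" role="tagCreator softwareCreator" regid="nist.gov" />
  <Payload>
    <Directory name="..">
      <Directory name="app-1.0.0">
        <Directory name="bin">
          <File name="app" size="3673" />
          <File name="app.bat" size="3161" />
        </Directory>
        <Directory name="lib">
          <File name="app-1.0.0.jar" size="4525" />
        </Directory>
      </Directory>
    </Directory>
  </Payload>
</SoftwareIdentity>
"""

def check_tag(xml_text):
    """Return (rule_id, message) pairs for the rules swidval flagged in the issue."""
    root = ET.fromstring(xml_text)
    findings = []
    for container in ("Payload", "Evidence"):
        for elem in root.iter(f"{{{SWID}}}{container}"):
            for rule, attr in (("GEN-22-1", "pathSeparator"),
                               ("GEN-23-1", "envVarPrefix"),
                               ("GEN-24-1", "envVarSuffix")):
                if elem.get(f"{{{N8060}}}{attr}") is None:
                    findings.append((rule, f"<{container}> lacks @n8060:{attr}"))
            for f in elem.iter(f"{{{SWID}}}File"):
                if f.get("version") is None:
                    findings.append(("GEN-15-1", f"<File> '{f.get('name')}' lacks @version"))
    # Simplification: PRI-13-1 is conditional on values being determinable;
    # this check only tests whether a <Meta> child is present at all.
    if root.find(f"{{{SWID}}}Meta") is None:
        findings.append(("PRI-13-1", "<Meta> element was not provided"))
    return findings

if __name__ == "__main__":
    for rule, msg in check_tag(SAMPLE_TAG):
        print(rule, msg)
```

Run against the sample, it reports the same seven findings as the ERROR lines in the swidval log.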
