fix: actually preventing .git attachment upload on source

capycli/bom/create_components.py

@@ -361,10 +361,6 @@ def upload_file(
             filename = str(CycloneDxSupport.get_ext_ref_source_file(cx_comp))
             filehash = str(CycloneDxSupport.get_source_file_hash(cx_comp))
 
-            if filename is not None and filename.endswith('.git'):
-                print_red("    WARNING: resetting filename to prevent uploading .git file")
-                filename = None
-
         if filetype in ["BINARY", "BINARY_SELF"]:
             url = str(CycloneDxSupport.get_ext_ref_binary_url(cx_comp))
             filename = str(CycloneDxSupport.get_ext_ref_binary_file(cx_comp))
@@ -378,6 +374,10 @@ def upload_file(
             if filename_parsed:
                 filename = os.path.basename(filename_parsed.path)
 
+        if filetype in ["SOURCE", "SOURCE_SELF"] and filename is not None and filename.endswith('.git'):
+            print_red("    WARNING: resetting filename to prevent uploading .git file")
+            filename = None
+
         if not filename:
             print_red("    Unable to identify filename from url!")
             return

tests/test_bom_create_releases.py

@@ -675,9 +675,6 @@ def test_upload_file_prevent_git_source_upload(self) -> None:
         responses.add(
             responses.GET, 'https://github.com/babel/babel.git',
             body="content")
-        responses.add(
-            responses.POST, SW360_BASE_URL + 'releases/06a6e7/attachments',
-            match=[upload_matcher("babel.git")])
 
         self.app.download = True
         item = Component(
@@ -693,7 +690,7 @@ def test_upload_file_prevent_git_source_upload(self) -> None:
 
         self.app.upload_file(item, {}, "06a6e7", "SOURCE", "")
         captured = self.capsys.readouterr()  # type: ignore
-        assert len(responses.calls) == 2
+        assert len(responses.calls) == 0
         assert "WARNING: resetting filename to prevent uploading .git file" in captured.out
         assert captured.err == ""