Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
wkl3nk created a review comment on a pull request on oss-review-toolkit/ort
No, that unfortunately won't work, because the ORT purls contain a mixture of "/" and "%2F" like in pkg:golang/github.com%2Fquic-go%[email protected], and once you have replaced all "%2F" with "/" t...
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
I'm considering this, please note that this is still a draft.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
What else should it apply to, `SOURCE_PACKAGE`? These usually come with metadata, so I went for a more strict approach here. But I might reconsider this, please note that this is still a draft.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Because after having a look at it again, the root license matcher (whose name BTW is confusing, IMO) does something slightly different: For any given directory / file in the tree, it determines whi...
fviernau created a review comment on a pull request on oss-review-toolkit/ort
Hm, personally sacrificing encapsulation for these few bytes of memory is not worth it. What do you think about the middle ground of keeping it private, but turning it into a function?
fviernau created a review comment on a pull request on oss-review-toolkit/ort
I would prefer to keep `url`, because 1. In the most detailed representation the name is `url` 2. Hosted is name of the class. So it's kind of `Hosted.hosted` which seems a tad odd 3. Considerin...
fviernau created a review comment on a pull request on oss-review-toolkit/ort
Why is the logic limited to VCS_PACKAGE?
fviernau created a review comment on a pull request on oss-review-toolkit/ort
Does this instance use the configured patterns?
fviernau created a review comment on a pull request on oss-review-toolkit/ort
Why have you decided not to use the root license matcher heuristic as-is?
fviernau created a review comment on a pull request on oss-review-toolkit/ort
commit: Why is the result of the root license matcher only used as a fallback, and not always? I believe it should always be used to match the spec.
codecov[bot] created a comment on a pull request on oss-review-toolkit/ort
## [Codecov](https://app.codecov.io/gh/oss-review-toolkit/ort/pull/9301?dropdown=coverage&src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=os...
github-advanced-security[bot] created a review on a pull request on oss-review-toolkit/ort
github-advanced-security[bot] created a review comment on a pull request on oss-review-toolkit/ort
## Nested lambda has shadowed implicit parameter Implicit parameter 'it' of enclosing lambda is shadowed [Show more details](https://github.com/oss-review-toolkit/ort/security/code-scanning/3968)
github-advanced-security[bot] created a review comment on a pull request on oss-review-toolkit/ort
## Disallow shadowing variable declarations. Name shadowed: implicit lambda parameter 'it' [Show more details](https://github.com/oss-review-toolkit/ort/security/code-scanning/3967)
github-advanced-security[bot] created a review on a pull request on oss-review-toolkit/ort
sschuberth opened a draft pull request on oss-review-toolkit/ort
Report detected root licenses as a fallback in the SPDX `licenseDeclared` field
Please have a look at the individual commit messages for the details.sschuberth created a branch on oss-review-toolkit/ort
go-with-spdx-licenses - A suite of tools to automate software compliance checks.
sschuberth pushed 1 commit to main oss-review-toolkit/ort
- deps: update dependency com.github.jmongard.git-semver-plugin to v0.12.11 ed4bccf