Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Agreed, it seem odd that Copyrights are wrapped in `CDATA` if part of `<evidence>`, but not otherwise.
sschuberth created a comment on a pull request on oss-review-toolkit/ort
> @sschuberth Funnily enough, I found out you had an `escapeXML` function in the past: https://github.com/oss-review-toolkit/ort/pull/2820/files Yes, that's what I wrote over [here](https://gith...
nnobelis created a comment on a pull request on oss-review-toolkit/ort
Funnily enough, I found out you had an `escapeXML` function in the past: https://github.com/oss-review-toolkit/ort/pull/2820/files
nnobelis created a review comment on a pull request on oss-review-toolkit/ort
In the test you linked, the copyright is under an `evidence` element: ``` <component type="application"> <evidence> <copyright> ``` And `Component.evidence.copyr...
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
> Also, I remember that somewhere we had a discussion about wrapping Copyright texts in `<![CDATA[...]]>`, but I currently cannot find it anymore. Would that also solve the issue? Assuming that ...
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Somewhat related, though targeting the description: https://github.com/oss-review-toolkit/ort/issues/2814
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Also, I remember that somewhere we had a discussion about wrapping Copyright texts in `CDATA`, but I currently cannot find it anymore. Would that also solve the issue?
nnobelis created a review comment on a pull request on oss-review-toolkit/ort
Fell free to suggest one! I didn't find anything by googling. The Cyclone DX lib delegates to Jackson for the XML generation that delegates to StAX, but I found nothing there too :disappointed:
codecov[bot] created a comment on a pull request on oss-review-toolkit/ort
## [Codecov](https://app.codecov.io/gh/oss-review-toolkit/ort/pull/9303?dropdown=coverage&src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=os...
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
I'm not super happy about introducing a dependency on `commons-text` just for escaping XML... can we find a more lightweight solution?
nnobelis opened a pull request on oss-review-toolkit/ort
fix(cyclonedx): Sanitize copyrights for the CycloneDX XML report
Some characters in copyrights cannot be outputted to XML. Therefore, sanitize the copyrights content for XML. This fixes the following exception: > org.cyclonedx.exception.GeneratorException:...
codecov[bot] created a comment on a pull request on oss-review-toolkit/ort
## [Codecov](https://app.codecov.io/gh/oss-review-toolkit/ort/pull/9302?dropdown=coverage&src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=os...
sschuberth opened a pull request on oss-review-toolkit/ort
Rename `RootLicenseMatcher` to `ParentLicenseMatcher`
Please have a look at the individual commit messages for the details.
sschuberth created a branch on oss-review-toolkit/ort
rlm-imps - A suite of tools to automate software compliance checks.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
> there is no more way back to the "mixed" ORT purl. Correct, but my point is that my implementation proposal should not require you to go back, as the VC-style-PURL is only used for the lookup ...
wkl3nk created a review comment on a pull request on oss-review-toolkit/ort
No, that unfortunately won't work, because the ORT purls contain a mixture of "/" and "%2F" like in pkg:golang/github.com%2Fquic-go%[email protected], and once you have replaced all "%2F" with "/" t...
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
I'm considering this, please note that this is still a draft.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
What else should it apply to, `SOURCE_PACKAGE`? These usually come with metadata, so I went for a more strict approach here. But I might reconsider this, please note that this is still a draft.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Because after having a look at it again, the root license matcher (whose name BTW is confusing, IMO) does something slightly different: For any given directory / file in the tree, it determines whi...