Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
We should not keep code like this.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
All other plugins that take options just use constants for key names, and I believe we should do the same here, for consistency and to reduce complexity. I guess this will get reworked anyway once ...
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Just adding an unused option to the function signature does not fix anything, so you should not say so in the commit message. Most importantly, these options are not read from the configuration fil...
sschuberth created a comment on a pull request on oss-review-toolkit/ort
I still believe we should solve this differently, in a more generic way. While Go apparently does not have namespaces, the purl standard treats them as if Go had namespaces. I'm currently preparing...
fviernau created a comment on a pull request on oss-review-toolkit/ort
> @fviernau Hello, can you explain a little bit more please? I believe it makes sense to have the ability to configure this separate per dependency. I expect the following trade-off to be reaso...
wkl3nk created a comment on a pull request on oss-review-toolkit/ort
@fviernau Hello, can you explain a little bit more please?
fviernau created a comment on a pull request on oss-review-toolkit/ort
I believe the options for configuring submodule recursion could be injected via package curations. Have you considered this?
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
At least @mnonnenmacher is on vacation, and I'd like to proceed with this before he's back in two weeks.
fviernau created a review comment on a pull request on oss-review-toolkit/ort
Puh, I'm having a hard time deciding this (except that I would not use Applicable because also licenses in other files can be applicable). Let's maybe do a quick poll on the preferred terminology. ...
sschuberth pushed 1 commit to main oss-review-toolkit/ort
- chore(scanner): Give a variable in a test a better name Signed-off-by: Sebastian Schuberth <[email protected]> e612c50
sschuberth closed a pull request on oss-review-toolkit/ort
chore(scanner): Give a variable in a test a better name
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
I believe "Main" has the same notion as "Root" in that it can be interpreted to only mean the license in the top-level directory. More ideas: - AncestorLicenseMatcher - InheritedLicenseMatcher ...
fviernau created a comment on a pull request on oss-review-toolkit/ort
> @fviernau mind having a look as I have some follow-up changes? Sorry, missed that my comment was in "pending" state.
codecov[bot] created a comment on a pull request on oss-review-toolkit/ort
## [Codecov](https://app.codecov.io/gh/oss-review-toolkit/ort/pull/9314?dropdown=coverage&src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=os...
sschuberth opened a pull request on oss-review-toolkit/ort
chore(scanner): Give a variable in a test a better name
sschuberth created a branch on oss-review-toolkit/ort
cd-test-core - A suite of tools to automate software compliance checks.
sschuberth pushed 25 commits to purl-imps oss-review-toolkit/ort
- chore: Align custom kotlinx-serializers to be objects, part 2 This is a follow-up to 9607cd0 for code that was merge... d743b8a
- docs(pub): Add links to dependency types Signed-off-by: Sebastian Schuberth <[email protected]> 89f8422
- chore(pub): Order dependency classes as in the linked documentation Signed-off-by: Sebastian Schuberth <sebastian@do... 9b9d996
- refactor(pub): Reduce code by delegating to the default serializer Signed-off-by: Sebastian Schuberth <sebastian@dou... bd745c1
- chore(pub): Simplify deserializing dependencies The dependencies node itself is never a scalar, so the code can be s... 5c27750
- chore(pub): Handle dependency types in the same order as documented Signed-off-by: Sebastian Schuberth <sebastian@do... 7b1c5b9
- refactor(pub): Reorder classes into packages Remove the `utils` package and move its only class to the root. In exch... 0efd79b
- refactor(pub): Only use a single shared YAML instance Signed-off-by: Sebastian Schuberth <[email protected]> 201e0de
- fix(yarn): Deal with retries when parsing the command output When Yarn encounters network problems on querying detai... ad9a363
- test(python): Update expected results Signed-off-by: Sebastian Schuberth <[email protected]> 56c1e8a
- fix(pub): Support deserializing hosted deps without version constraint Fixes #9310. Signed-off-by: Frank Viernau <f... 950624a
- docs(pub): Move a comment to the data class docs Signed-off-by: Frank Viernau <[email protected]> 36418b6
- refactor(pub): Add a default value for `version` for consistency Signed-off-by: Frank Viernau <[email protected]> 19aaa1c
- fix(gradle-inspector): Optimize memory by caching dependency subtrees In large projects with many dependencies, the ... 9ccccf6
- deps: update dependency @mdx-js/react to v3.1.0 1106470
- deps: update dependency org.asciidoctor:asciidoctorj-pdf to v2.3.19 f24b2b3
- deps: Update the dependency-analysis-gradle-plugin to version 2.2.0 622655e
- deps: update dependency org.semver4j:semver4j to v5.4.1 65df485
- chore(scanner): Give a variable in a test a better name Signed-off-by: Sebastian Schuberth <[email protected]> dc37046
- docs(model): Clarify in a test what a "clean" purl is supposed to be Signed-off-by: Sebastian Schuberth <sebastian@d... 4b6c12f
- and 5 more ...
sschuberth pushed 1 commit to main oss-review-toolkit/ort
- deps: update github/codeql-action digest to f779452 3101aa8
sschuberth closed a pull request on oss-review-toolkit/ort
deps: update github/codeql-action digest to f779452
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | digest | `c3662...
renovate[bot] pushed 34 commits to renovate/github-codeql-action-digest oss-review-toolkit/ort
- test(pub): Update expected results Signed-off-by: Sebastian Schuberth <[email protected]> bb336f0
- deps: update dependency ch.qos.logback:logback-classic to v1.5.11 b54962b
- fix(gradle-plugin): Guard `dependencyResolutionManagement` usage Do not use that feature before it was added in Grad... 47f73b4
- fix(pub): Properly end the input structure when parsing specs Signed-off-by: Sebastian Schuberth <sebastian@doubleop... 0d99de2
- refactor(pub): Port the lockfile parsing to KxS Signed-off-by: Frank Viernau <[email protected]> Signed-off-by:... 831b113
- chore(clearly-defined)!: Make `CoordinatesSerializer` internal This is only used in `Coordinates.kt` of the same mod... 4470675
- chore: Align custom kotlinx-serializers to be objects Emphasize that there never will be multiple instances of these... 9607cd0
- deps: update dependency io.github.pdvrieze.xmlutil:serialization to v0.90.2 06537b2
- deps: update dependency org.cyclonedx:cyclonedx-core-java to v9.1.0 8c103c4
- fix(spdx-utils): Accept the "no patent" exception See e.g. [1], which is marked as an exception. [1]: https://scanc... 9d0873c
- feat(fossid): Make FossID sensitivity configurable Add the option for the user to specify the sensitivity for a Foss... e5c6e0c
- ci(release): Increase the timeout for creating the staging repository Creating the Sonatype staging repository occas... bac154a
- test(pub): Update expected results Signed-off-by: Sebastian Schuberth <[email protected]> 64dc2c1
- fix(cli): Remove credentials from environment variables Do not expose any credentials, e.g. when included in proxy U... 03b4ed9
- deps: update dependency com.github.jmongard.git-semver-plugin to v0.12.11 ed4bccf
- chore: Align custom kotlinx-serializers to be objects, part 2 This is a follow-up to 9607cd0 for code that was merge... d743b8a
- docs(pub): Add links to dependency types Signed-off-by: Sebastian Schuberth <[email protected]> 89f8422
- chore(pub): Order dependency classes as in the linked documentation Signed-off-by: Sebastian Schuberth <sebastian@do... 9b9d996
- refactor(pub): Reduce code by delegating to the default serializer Signed-off-by: Sebastian Schuberth <sebastian@dou... bd745c1
- chore(pub): Simplify deserializing dependencies The dependencies node itself is never a scalar, so the code can be s... 5c27750
- and 14 more ...
bennati created a comment on an issue on oss-review-toolkit/ort
This is no longer happening with a more recent ORT version, we can close this issue.
bennati closed an issue on oss-review-toolkit/ort
Analyzer confuses Cargo dependency hosted in repo for a source artifact
When running the analyzer (revision 2b230b8) on a Cargo project, a dependency which is hosted in a git repo is identified as source artifact. The analyzer result contains the following: ``` "so...