Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Please use `logger` instead of `logger()`. Some below.
fviernau created a review comment on a pull request on oss-review-toolkit/ort
@sschuberth I decided to make a separate PR to address the issues we found here in the info parsing. Let's process this one first, once done I'll update / rebase this PR on top. See https://githu...
fviernau opened a pull request on oss-review-toolkit/ort
Yarn info parsing fixes
See individual commits.
fviernau created a branch on oss-review-toolkit/ort
yarn-info-parsing-fixes - A suite of tools to automate software compliance checks.
github-actions[bot] published a release on oss-review-toolkit/ort
https://github.com/oss-review-toolkit/ort/releases/tag/37.0.0
## What's Changed ### Breaking Changes 🛠- e4e839690f042684534dadd05f188d56d1f04596 chore(model)!: Remove old plugin config aliases - d1fa585a58d17d814904dd121c9cef3f40b7c8b4 refactor(model)!: Ren...
sschuberth created a comment on a pull request on oss-review-toolkit/ort
> In expected output like files yet, in file which are used only as input probably no. Hmm. I tried to find relevant purls with %-encoding by running git grep -El "pkg:.*%" | grep -vE "(e...
fviernau created a review comment on a pull request on oss-review-toolkit/ort
And the use case we have implemented: Detected copyright findings which do not have a nearby detected license they can be associated with, get associated with the "main" licenses of the package. An...
sschuberth created a tag on oss-review-toolkit/ort
37.0.0 - A suite of tools to automate software compliance checks.
fviernau created a review comment on a pull request on oss-review-toolkit/ort
The algorithm normally starts at the VCS path (node) of the package. Looks inside that node for license files. If found returns, if not, go up. Repeat until the root. The idea is: Normally the...
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
From reading the test cases I thought that the use-case would be a more generic one: To check the licenses for any path, and the root directory (which implies the package license) only being a spec...
fviernau created a comment on a pull request on oss-review-toolkit/ort
> Would "provenance resolution" mean that the Analyzer has scanned for dependency management files? Oh, I see. It's with the `project` sources, not with any of the `Package`s sources aka. depen...
fviernau created a review comment on a pull request on oss-review-toolkit/ort
How about renaming this to `ancestorPackageIds` or just `ancestorIds` ?
fviernau created a review comment on a pull request on oss-review-toolkit/ort
Should this additional say: "Not adding $pkgId." ?
fviernau created a review comment on a pull request on oss-review-toolkit/ort
Is it necessary to use `analyze()` or could it use `resolveSingleProject()` for a simpler expected result file?
fviernau created a review comment on a pull request on oss-review-toolkit/ort
Could `parents` this have a default value?
codecov[bot] created a comment on a pull request on oss-review-toolkit/ort
## [Codecov](https://app.codecov.io/gh/oss-review-toolkit/ort/pull/9327?dropdown=coverage&src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=os...
fviernau created a review comment on a pull request on oss-review-toolkit/ort
> The term "main license" to me is more something that makes sense in the scope of a whole package, where you want to emphasize that some licenses are more important than others in that they refer ...
oheger-bosch opened a pull request on oss-review-toolkit/ort
feat(spdx): Deal with cycles in dependency relations
Circular dependency relations caused the SPDX package manager to run in a stack overflow. Avoid this by detecting cyclic dependencies and handle them gracefully.
sschuberth pushed 1 commit to main oss-review-toolkit/ort
- deps: update ksp to v2.0.21-1.0.26 d169fae
sschuberth closed a pull request on oss-review-toolkit/ort
deps: update ksp to v2.0.21-1.0.26
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.devtools.ksp:symbol-processing-api](https://goo.gle/ksp...