-
there is a race condition between the find/delete of the do_deletebinaries task and the create-spdx tasks, the later must be creating a temporary directory and cleaning it up right after.
here is t…
-
### Problem
Copyright blocks [are long](https://github.com/minetest/minetest/issues/3390#issuecomment-1902240793) and sometimes [missing](https://github.com/minetest/minetest/issues/3390#issue-1178…
okias updated
8 months ago
-
**Description**
A clear and concise description of what the bug is.
Getting below error while trying to connect SQL-exporter to RMA agent of ASE. SQL-exporter uses go-ase driver.
No metr…
-
Example - cncf-3.keycloack has project licenses like `Apache-2.0 (ASF header)` which are not valid.
This can be worked around by creating a LicenseRef for project licenses, but it would be much bet…
-
This question was asked in the 2022-08-04 General call.
@goneall gave a quick summary that I wasn't able to capture here. Perhaps he could drop some links or an outline? Then we can create some sor…
-
Apparently, this repository provides the relevant resources for doing the actual matching in https://github.com/spdx/yalm-python Shouldn't it be moved to the *spdx* organization as well in this case t…
-
### Description
Current practice in RIOT is to place a (somewhat bulky) standard header in files describing the license. These are parsed by a shell script (https://github.com/RIOT-OS/RIOT/blob/mas…
-
I would like to clarify something about the licenses that the Buck2 prelude is released under.
In the prelude, it says this:
> This source code is licensed under both the MIT license found in the
…
-
The REUSE tool currently generates a SPDX software bill of materials only in the SPDX-2.1 format. As an example, [I attached the output](https://github.com/fsfe/reuse-tool/files/6849366/reuse.spdx.txt…
-
### Description
SPDX specification 2.1 has a tag `` for disjunctive licenses, for example MIT AND GPL-3.0-or-later, and a tag `` for conjuctive licenses, for example GPL-2.0-only OR MIT. Fossol…