-
Hi,
I installed fossology 3.2.0 and used the foss_cli. The fossology server is spinned up using docker and available and running at http://localhost:8081/repo
These are the commands followed:
1…
-
Attempting to run scancode 31.2.4 with the --cyclonedx or --cyclonedx-xml param (also including --package). Looking to funnel the xml into Dependency-Track
### Description
The scan runs, but the…
-
### Description
See https://calculate-linux.org/packages/licenses/ as this could be yet another source of licenses.
Based on reports by @reversi-fun in https://github.com/spdx/license-list-XML
-
Create a sample automated scan workflow using Fossology container as a service.
Document how to use the automated workflow in a CI pipeline.
-
# Summary
We are considering using Devtron as an SCA tool, which can scan code/images and notify us of any vulnerabilities in our code. Devtron already provides a mechanism to scan Docker images, a…
-
Modify my recent and all recent jobs to get all the required data for UI.
-
### Context
We are reporting too many false positive licenses. We need to fix this!
### Problem
There are several false cases, yet they boil down to these types:
1. False detection of very…
-
Aggregated Copyrights, ECC, IPRA, Email/url/Author and Keyword with count, content, activated (FOSSology, Scancode, User) + Operations: edit, delete
-
The bitbake manifests commonly contain decent license and origin information.
-
**Description**
This issue comes from this comment.
And this is related to #864
_Originally posted by @shi9qiu in https://github.com/eclipse/sw360/issues/1171#issuecomment-850139868_
> I a…