-
Are there any plans to make the functions callable with optional arguments from LISP without user interaction?
That would allow to have a call something like `(spdx-insert-spdx-copyright "MIT")` from…
-
SPDX Specification 2.2 Appendix VIIIが正式公開された段階で、SPDX Lite紹介のSectionから、リンクを張る
-
@matthesrieke What do you think about using exactly the same names for the same licenses in the mapping files based on the SPDX License List (http://spdx.org/licenses/) ?
I would suggest to use `Full…
nuest updated
10 years ago
-
Original Reporter: nvelagapudi
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.linuxfoundation.org/browse/SSB-31
spdx-sbom-generator tool version v0.0.2Test Repo that I …
-
`externalPrefixOrId` would have the sematics of the external element ID starting with the externalPrefixOrId.
This is compatible with representing the full ID since the full ID would "start with" the…
-
The problem I am having is that bomber does NOT find any packages in a SBOM that has been converted by the cyclonedx-node covert process. The SBOM is generated from a javascript application.
To re…
6mile updated
11 months ago
-
Hard to reproduce in a way that gives me much insight on what exactly is the issue; some specific things fail, others don't. For example:
```
> license-checker --exclude 'GPL-2.0'
/Users/jamiet/.…
-
## Usecase:
Repo directly stores .patch and .diff files alongside normal code: buildroot, crosstool-ng, etc.
It's a mess to maintain proper SPDX for them.
## Situation:
1) Patch files require li…
-
**What happened**:
I am creating an SBOM for the `docker.io/bitnami/redis` image.
As I was looking at the artifacts, I noticed that the redis binary was absent from the list of artifacts in the SBOM…
-
I would like a tool that reads license info in DEP-5 format and outputs license info in SPDX format.
This may mostly be a superficial conversion, but may also require some full-text scanning.
sp…