-
Implement license filtering in Macaron against a configurable, pre defined set of licenses. Macaron pulls down code and metadata today from GH repositories for performing various analyses. With this …
-
The java tools only lists the first issue it comes across when there is a validation error, even if multiple issues exist. Suggest to list all the validation errors at once. The python tools validatio…
-
### Overview
I'm experimenting with brownie and the SMT checker and one thing I'm noticing is that compiler warnings don't show (SMT checker errors seem to be returned as warnings rather than errors)…
-
From @pombredanne
We already have SBOM export (and import) options in scancode.io supporting SPDX and CycloneDX
SBOMs, and we can enrich this data using the public https://github.com/ossf/scoreca…
-
The spec is a bit weird about the external reference categories
When looking at the [reference category documentation](https://spdx.github.io/spdx-spec/v2.2.2/package-information/#7211-description)…
-
### Verification
- [X] This issue's title and/or description do not reference a single formula e.g. `brew install wget`. If they do, open an issue at https://github.com/Homebrew/homebrew-core/issues/…
-
#16
-
According to the npm's [package.json documentation](https://docs.npmjs.com/files/package.json):
> Some old packages used license objects or a “licenses” property containing an array of license obj…
-
**1.** License Name: sepa credit transfer
**2.** Short identifier: B
**3.** License Author or steward: BILL
**4.** Comments: oke
**5.** License Request Url: http://tools.spdx.org/app/license_requests/…
-
Component: [dom4j/dom4j/1.6.1](https://clearlydefined.io/definitions/maven/mavencentral/dom4j/dom4j/1.6.1/1.6.1)
ScanCode detected the license as Plexus, but it did not show up as detected in the d…