-
Please include license or spdx identifier.
-
Our current SPDX license list is hardcoded in the `.jsonschema.json`. However, some records have been left behind. To manage the list, we can use the npm package [spdx-license-ids](https://github.com/…
-
There is an proposal for SPDX 3.0 from AGL Instrumental Cluster Expert Group to describe Functional Safety related information.
Motivation:
It's required to hand over "out of source tree" informat…
-
The current [media-type definition](https://www.iana.org/assignments/media-types/application/spdx+json) specifies that there are no optional parameters. This makes hinting the specification versions s…
-
Originally from https://github.com/pombredanne/spdx-pypi-pep/pull/2#discussion_r330419938
Moved here as a ticket based on @pradyunsg suggestion to support a more focused discussion:
--------------…
-
Hello,
I'm trying to generate a sample SBOM on a python project directory, but I'm getting this error:
```
$ ./spdx-sbom-generator ../sample_python_project -o out
INFO[2021-07-15T09:10:31-07…
-
If user is a contract and calls the withdraw function the call will revert due to the whitespace data provided in the call:
```
(bool success, ) = msg.sender.call{value: depositRequired}(" ");
```
…
-
The following test_post_submit unit test fails on the master branch:
```
======================================================================
FAIL: test_post_submit (app.tests.SubmitNewLicenseV…
-
Some (mostly content) licenses either directly ask for or encourage, for the origin of the licensed material.
To quote from CC-BY-4.0, which is then repeat throughout all of CC licenses (emphasis m…
-
The software in the OIN Linux System definition is described in a series of tables. Those tables can be browsed by technology area:
https://openinventionnetwork.com/linux-system-definition/table-1…