SAP / fosstars-rating-core

A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects that may be used to assess the security risk that comes with open source components.
https://sap.github.io/fosstars-rating-core/
Apache License 2.0
60 stars 27 forks

Reuse Tool reporting false positives #895

Closed lechnerc77 closed 1 year ago

lechnerc77 commented 1 year ago

We seem to have an issue with the REUSE tool or, to be precise, with the API used by this tool for checking compliance and displaying the badge. The reported issue concerning REUSE compliance is a false positive; the GH Action provided by the REUSE team reports full compliance. What are the options here, as displaying the repo as not compliant gives a wrong impression to people looking at the repo?

sourabhsparkala commented 1 year ago

@lechnerc77 we can try to resolve it, but could you please provide more information? What is the false positive and why is it one? Maybe with more screenshots, to understand this situation better. Thanks :)

lechnerc77 commented 1 year ago

@sourabhsparkala sure I can. The repo is https://github.com/SAP-samples/btp-setup-automator. There have been no changes around the REUSE-relevant data of the repository. The REUSE rating represented by the badge showed compliance. Last weekend an issue was opened stating that the repo contains a violation against the OSS Rules of Play, referencing [rl-reuse_tool-4] (see: https://github.com/SAP-samples/btp-setup-automator/issues/292). I validated that by adding the GH Action provided by the REUSE tool and starting the run, which showed full compliance (see e.g. here: https://github.com/SAP-samples/btp-setup-automator/actions/runs/3408293208).

Due to the fact that we did not change anything in the repository concerning the licensing and the "local" run of the GH Action shows compliance, I would say that the remote check is a false positive.
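To make concrete what the GH Action's compliance run above actually verifies, here is a simplified REUSE-style lint. This is an added example, not code from the reuse tool, the REUSE action, or fosstars-rating-core; it implements only the core rules of the REUSE specification (every file carries `SPDX-FileCopyrightText` and `SPDX-License-Identifier` tags, either in the file or in a `<name>.license` companion, and every referenced license has a text under `LICENSES/`), and it skips things the real `reuse lint` handles such as `.reuse/dep5`. The sample repository it lints is constructed in a temporary directory; `build_sample_repo`, `lint`, `LintResult` and the "Example Org" copyright holder are all assumptions made for this example.

```python
"""Simplified REUSE-style lint: an added example, not the reuse tool or fosstars code."""
import re
import tempfile
from dataclasses import dataclass, field
from pathlib import Path

# Header tags defined by the REUSE specification (https://reuse.software/spec/).
COPYRIGHT_RE = re.compile(r"SPDX-FileCopyrightText:\s*\S")
LICENSE_RE = re.compile(
    r"SPDX-License-Identifier:\s*([A-Za-z0-9.+-]+(?:\s+(?:AND|OR|WITH)\s+[A-Za-z0-9.+-]+)*)"
)
SKIP_TOP_LEVEL = {".git", ".reuse", "LICENSES"}  # never linted as source files


@dataclass
class LintResult:
    missing_copyright: list = field(default_factory=list)
    missing_license: list = field(default_factory=list)
    missing_license_texts: list = field(default_factory=list)
    unused_license_texts: list = field(default_factory=list)

    @property
    def compliant(self) -> bool:
        return not (self.missing_copyright or self.missing_license
                    or self.missing_license_texts or self.unused_license_texts)


def header_text(path: Path) -> str:
    """Return the text that carries a file's SPDX tags: the <name>.license
    companion file if present (used for binaries such as images), otherwise
    the start of the file itself."""
    companion = path.with_name(path.name + ".license")
    if companion.is_file():
        return companion.read_text(errors="replace")
    return path.read_text(errors="replace")[:4096]


def lint(root) -> LintResult:
    """Walk the tree, collect per-file tag problems and cross-check LICENSES/."""
    root = Path(root)
    result = LintResult()
    used = set()
    for path in sorted(root.rglob("*")):
        rel = path.relative_to(root)
        if (not path.is_file() or rel.parts[0] in SKIP_TOP_LEVEL
                or path.name.endswith(".license")):
            continue
        text = header_text(path)
        if not COPYRIGHT_RE.search(text):
            result.missing_copyright.append(str(rel))
        match = LICENSE_RE.search(text)
        if match is None:
            result.missing_license.append(str(rel))
        else:
            # "A AND B", "A OR B", "A WITH exception": each id needs a text file.
            used.update(re.split(r"\s+(?:AND|OR|WITH)\s+", match.group(1)))
    licenses_dir = root / "LICENSES"
    available = {p.stem for p in licenses_dir.glob("*.txt")} if licenses_dir.is_dir() else set()
    result.missing_license_texts = sorted(used - available)
    result.unused_license_texts = sorted(available - used)
    return result


def build_sample_repo(variant: str) -> Path:
    """Constructed sample tree (assumption for this example, not a real repo).
    variant: "compliant", "missing-header" (binary without .license companion)
    or "missing-license-text" (MIT referenced but LICENSES/MIT.txt absent)."""
    root = Path(tempfile.mkdtemp(prefix="reuse-demo-"))
    (root / "LICENSES").mkdir()
    (root / "LICENSES" / "Apache-2.0.txt").write_text("placeholder license text\n")
    py_license = "MIT" if variant == "missing-license-text" else "Apache-2.0"
    (root / "main.py").write_text(
        "# SPDX-FileCopyrightText: 2022 Example Org\n"
        f"# SPDX-License-Identifier: {py_license}\n"
        "print('hello')\n"
    )
    (root / "logo.png").write_bytes(b"\x89PNG\r\n\x1a\n")  # binary: tags must be external
    if variant != "missing-header":
        (root / "logo.png.license").write_text(
            "SPDX-FileCopyrightText: 2022 Example Org\n"
            "SPDX-License-Identifier: Apache-2.0\n"
        )
    return root


if __name__ == "__main__":
    for variant in ("compliant", "missing-header", "missing-license-text"):
        res = lint(build_sample_repo(variant))
        print(f"{variant}: compliant={res.compliant} {res}")
```

Running the three variants shows the two ways a repository usually drops out of compliance: a file (often a binary) with no tags and no companion file, and a license identifier with no matching text under `LICENSES/`. Because both checks depend only on the files in the working tree, a local run and a remote check of the same commit should agree; when they do not, as in the case described above, the difference is in the checker or what it fetched, not in the repository.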

lechnerc77 commented 1 year ago

Seems like the REUSE tool is back on track and in sync with the reporting from the GH action.

sourabhsparkala commented 1 year ago

I will close this issue as it seems to be resolved.

lechnerc77 commented 1 year ago

Well, you did not follow up on the issue, but force SAP repos to use it. We had the same issue two weeks ago, but we are for now kindly ignoring the issues raised by this tool.