ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/, Google Summer of Code, nexB and other generous sponsors!
There seem to be too many "requires-review" at first glance in the summary report from a d2d project for ELF.
https://github.com/aboutcode-org/back2source-data/blob/main/data/archive.fedoraproject.org/pub/fedora/linux/releases/40/Everything/x86_64/debug/tree/a/atomix-debugsource-44.0-4.fc40.x86_64/d2d-summary.json#L36 has only one requires review
https://github.com/aboutcode-org/back2source-data/blob/main/data/archive.fedoraproject.org/pub/fedora/linux/releases/40/Everything/x86_64/debug/tree/a/atomix-debugsource-44.0-4.fc40.x86_64/d2d-details.json#L3535 has many correctly mapped paths that are marked as requires-review likely incorrectly
Also we should not include directories and <artificial> and <built-in> (and this may be something we could filter out in the elf-inspector?)