Create license scan quality improvement campaigns for specific ecosystems

[pombredanne]

Doing massive scans of all the packages of a given ecosystem (say Maven, PyPi, etc.) I would like to:

• run the https://github.com/nexB/scancode-results-analyzer/ on each to determine where there are issues or no issue
• working closely with that package community, organize a review queue based on detected issue
• based on the https://github.com/nexB/scancode-results-analyzer/ output generate new scancode detection rules to improve license detection and bring these in a review queue

Some candidates for these could be these:

• Debian with @pabs @jonassmedegaard and other
• CPAN with @StuartJMackintosh
• PyPI with the PyPA folks and the the community there
• Go

[mjherzog]

This type of work will require engagement/support from the ecosystem leaders and participants and the specific approach may vary by ecosystem/community. I suggest that we start with PyPi since we already have some engagement there.

[StuartJMackintosh]

Thanks for the mention and ready to support engagement with the Perl ecosystem.

[pombredanne]

@StuartJMackintosh excellent! let's try to hook up sometimes next week to discuss the specifics. I can be reached at pombredanne@gmail.com or pom@nexb.com

[pombredanne]

Some progress... we have put together Google summer of code project ideas to support this. I will be looking also for doing some fundraising. Help is much welcomed there.