openSUSE / cavil

The legal review and SBOM system used by SUSE and openSUSE
GNU General Public License v2.0

RFE: Sharing and Re-using OSS Compliance information #64

Open lkocman opened 1 year ago

lkocman commented 1 year ago

Hello

this is just a quick thought from today's Open Chain webinar by Caren Kresse about OSSelot: The Open Source Curation Database

Project site: See https://osselot.org/

Videos: https://www.osselot.org/index.php?s=videos

Could we extend or reuse existing analysed data as part of our legal review process? https://github.com/Open-Source-Compliance

Seems like the process utilizes Fossology for the scan.

Data: https://github.com/Open-Source-Compliance/package-analysis/tree/main/analysed-packages

The DB grows with every day and it seems to be a way to get an extra curator (Oliver reviews PRs).

lkocman commented 1 year ago

OSSelot team would be happy to collaborate on re-using the data.

kraih commented 1 year ago

I'd be interested to hear what collaboration could look like. The review system we use and all 29103 license patterns are already open source (in this repo). Our production database currently contains 266412 reviews for 39418 distinct packages. Some of the data is confidential though.

lkocman commented 1 year ago

https://hackweek.opensuse.org/22/projects/osselot-collaboration-on-legal-reviews-of-community-packages