Open tsteenbe opened 2 years ago
So, aren't the only things left to do:
useOrtCurations
from CLI to ort.conf
(while maybe renaming it to useOrtPackageCurations
).useOrtPackageConfigurations
to ort.conf
, and also allow to consume package configurations from https://github.com/oss-review-toolkit/ort-config in combination with those from other sources?I wonder if we also should introduce useOrtLicenseClassifications
to use license classifications from ort-config so a user only has to define their own rules.kts
If this is implemented for the --ort-curations
parameter it should be implemented for --clearly-defined-curations
and --sw360-curations
as well.
Note that by now package curations can be fully configured to come from arbitrary sources in any order.
Use Case Users of ORT for GitLab would like to use their own local configuration but also combine it with oss-review-toolkit/ort-config. For example, a user wants to keep curations and package configurations for his/her organization's proprietary packages in a private local configuration repository but for all open source package use and contribute to oss-review-toolkit/ort-config.
Currently setting up such a workflow in ORT for GitLab would require repository mirroring of oss-review-toolkit/ort-config in GitLab and adding a 'private' branch which is requires some effort and might result in Git merge conflicts. We would prefer an easier out of the box solution by expanding on the mechanism introduced in https://github.com/oss-review-toolkit/ort/pull/5269.
Note:
useOrtCurations
introduced in https://github.com/oss-review-toolkit/ort/pull/5269 only works via the CLI and can not be set via .conf file. Regardless which solution we end up implement we should make this configurable via .conf (which is how we configure ORT in ORT for GitLab)