Open tsteenbe opened 2 years ago
sschuberth
commented
2 years ago So, aren't the only things left to do:
useOrtCurations from CLI to ort.conf (while maybe renaming it to useOrtPackageCurations).useOrtPackageConfigurations to ort.conf, and also allow to consume package configurations from https://github.com/oss-review-toolkit/ort-config in combination with those from other sources?
tsteenbe
commented
2 years ago I wonder if we also should introduce useOrtLicenseClassifications to use license classifications from ort-config so a user only has to define their own rules.kts
mnonnenmacher
commented
2 years ago If this is implemented for the --ort-curations parameter it should be implemented for --clearly-defined-curations and --sw360-curations as well.
sschuberth
commented
1 year ago Note that by now package curations can be fully configured to come from arbitrary sources in any order.
Use Case Users of ORT for GitLab would like to use their own local configuration but also combine it with oss-review-toolkit/ort-config. For example, a user wants to keep curations and package configurations for his/her organization's proprietary packages in a private local configuration repository but for all open source package use and contribute to oss-review-toolkit/ort-config.
Currently setting up such a workflow in ORT for GitLab would require repository mirroring of oss-review-toolkit/ort-config in GitLab and adding a 'private' branch which is requires some effort and might result in Git merge conflicts. We would prefer an easier out of the box solution by expanding on the mechanism introduced in https://github.com/oss-review-toolkit/ort/pull/5269.
Note:
useOrtCurationsintroduced in https://github.com/oss-review-toolkit/ort/pull/5269 only works via the CLI and can not be set via .conf file. Regardless which solution we end up implement we should make this configurable via .conf (which is how we configure ORT in ORT for GitLab)