qos-ch / slf4j

Simple Logging Facade for Java
http://www.slf4j.org
MIT License
2.34k stars 991 forks source link

Repos being scanned by SCANOSS #434

Open VegaDeftwing opened 1 month ago

VegaDeftwing commented 1 month ago

Hello, I saw on https://www.softwaretransparency.org/osskb that they're scanning slf4j.org

I was curious if they'd requested prior permission to do this?

ceki commented 1 month ago

@VegaDeftwing What type of information are they extracting?

VegaDeftwing commented 1 month ago

I don't know. I think they're fingerprinting the code somehow, to sell to their customers the ability to check their code for if they're following all their licensees correctly. There's also something blockchain involved?

I wouldn't even know they exist either, except I'm currently dealing with them being rather rude to the FOSS community: https://github.com/scanoss/purl2cpe/issues/24