search

scanoss / scanoss.py

The SCANOSS python package providing a simple, easy to consume library for interacting with SCANOSS APIs/Engine.
MIT License
27 stars 19 forks source link

Missing custom licences in SPDX output (again) #13

Closed vargenau closed 2 years ago

vargenau commented 2 years ago

This was already reported in #10 but not fixed.

svn checkout svn+ssh://svn.code.sf.net/p/phpwiki/code/trunk phpwiki

scanoss-py version
Version: 1.0.6

scanoss-py scan --format spdxlite --output phpwiki.spdx.json phpwiki/

Searching phpwiki/ for files to fingerprint...
Fingerprinting /ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 7220)
Ignoring result. Please look in "bad_json-139679631443520-1664286414.txt" for more details.
Fingerprinting -
Scanning |########## | 392/1220ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 75176)
Ignoring result. Please look in "bad_json-139679606265408-1664286429.txt" for more details.
Scanning |#################### | 778/1220ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 5462)
Ignoring result. Please look in "bad_json-139679614658112-1664286437.txt" for more details.
Scanning |######################## | 922/1220ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 10184)
Ignoring result. Please look in "bad_json-139679089280576-1664286449.txt" for more details.
Scanning |############################ | 1095/1220ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 11708)
Ignoring result. Please look in "bad_json-139679606265408-1664286451.txt" for more details.
Scanning |############################### | 1189/1220ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 33099)
Ignoring result. Please look in "bad_json-139679623050816-1664286452.txt" for more details.
Scanning |################################| 1220/1220
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-unknown-license-reference
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-unknown-license-reference

scanoss-py created license identifiers, but the license identifiers are not defined.

They should be defined in the SPDX file.

mscasso-scanoss commented 2 years ago

Dear @vargenau , The problem you were experiencing was related with bug in our scanning engine. It was solved and updated today. I have scanned successfully the repository you mentioned. Sorry for the inconvenience, please give a new try.

vargenau commented 2 years ago

I confirm the issue with warnings is solved.

The issue about the fact that license identifiers are not defined is still pending.

eeisegn commented 2 years ago

Hi,

We will investigate the unknown license reference and update the SPDX output.

Thanks!

vargenau commented 2 years ago

For your information, the online SPDX validator will now issue a warning for that. https://github.com/spdx/Spdx-Java-Library/issues/124

eeisegn commented 2 years ago

Hi @vargenau,

We have made a change to the backend service (in prod) and to the python package to address these issues. Could you try out a test version of the package on Test PyPI please?

pip install -i https://test.pypi.org/simple/ scanoss==1.0.7

If that works, we will release it officially.

Thanks!

vargenau commented 2 years ago

Yes, it works now. You can close the ticket after releasing 1.0.7.

Thank you for your quick fix.

eeisegn commented 2 years ago

These changes have now been published in PyPI and GHCR.