search

vmware-archive / rules_oss_audit

The complexities of identifying and tracking open-source software (OSS) to comply with license requirements adds friction to the development process and can result in product-release delays. At VMware, we solve this problem using Bazel to create an accurate bill of materials containing OSS and third-party packages during a build.
Apache License 2.0
30 stars 11 forks source link

#4 Add check while loading class_jar #5

Closed rtabassum closed 2 years ago

rtabassum commented 2 years ago

This fixes #4. Tested locally with:

rtabassum@rtabassum-a01 bazel-buildfarm % git diff
diff --git a/deps.bzl b/deps.bzl
index ba156a62..865da9ae 100644
--- a/deps.bzl
+++ b/deps.bzl
@@ -108,9 +108,9 @@ def archive_dependencies(third_party):

         {
             "name": "rules_oss_audit",
-            "sha256": "cabb4d985eb9efe40326436e683a90e74603dd282ae2a0af2a21bf078f07cf1b",
-            "strip_prefix": "rules_oss_audit-5ae338712005a616c11d69a669d669e3742c1c83",
-            "url": "https://github.com/vmware/rules_oss_audit/archive/5ae338712005a616c11d69a669d669e3742c1c83.zip",
+            #"sha256": "cabb4d985eb9efe40326436e683a90e74603dd282ae2a0af2a21bf078f07cf1b",
+            "strip_prefix": "rules_oss_audit-80fbff8ab2dc68c586f235a4b52c714998379593",
+            "url": "https://github.com/vmware/rules_oss_audit/archive/80fbff8ab2dc68c586f235a4b52c714998379593.zip",
         },

         {

and the generated BOM has a number of entries of detected packages.