Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SPDX coverage from what FOSSology covers #112

Open
mcjaeger opened this issue Mar 19, 2019 · 0 comments

Comments

Projects
None yet
2 participants
@mcjaeger
Copy link

commented Mar 19, 2019

Proposed (!!! I feel sorry for putting it into your issue tracker thought it would be actually helping to bring transparency) is a meta issue that shows what FOSSology covers in terms of license analysis use cases and which of the issues in this issue tracker are connected with this.

Please note also that there is a meta issue on the FOSSology side, summarising captured shortcomings of the FOSSology w.r..t the SPDX spc:

fossology/fossology#1079

FOSSology use cases

  • Obligations, risks, restrictions as part of the SPDX #111
  • ECC information #35
  • IPR limitations (trademarks?) could be also covered by risks or here #35
  • identified files that do not get distributed #92
  • import SPDX files issue for large OSS components or shipped products #96
  • acknowledgement on file level #28

Admitted that #92 is maybe covered by the relations construct, although I am not convinced it represents a solution that as intended

@kestewart kestewart added this to the 2.2 milestone Jun 11, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.