License updates from scancode not working as intended #32
Comments
|
@sschuberth weird, looks like the CI job did not work as intended 🤔 looking into this |
This is a temporary fix adding the new licenses and updates in licenses from SPDX license list 3.20. Signed-off-by: Ayan Sinha Mahapatra <[email protected]>
Add missing licenses from scancode-toolkit develop #32
|
@sschuberth I've added a temporary fix, these files are now available, let's still keep this open as I need to investigate and fix why the CI did not work as intended, even though running the scripts locally worked. 🤔 |
|
The github action run: https://github.com/nexB/scancode-licensedb/actions/runs/4356107800 did update to the latest scancode-toolkit develop with the license updates in there, but the licensedb html update failed, maybe some reindexing issues? |
AyanSinhaMahapatra
changed the title
LICENSE texts are missing
This is a fixup for 2e7e231 now that [1] has a work-around. [1]: aboutcode-org/scancode-licensedb#32 Signed-off-by: Sebastian Schuberth <[email protected]>
|
@sschuberth Btw also
How do you perform this import (is there a script in ORT you can point me to), and do you think using the scancode command directly to generate the licensedb and dump all the data (as API) is better than using scancode-licensedb.org? See aboutcode-org/scancode-toolkit#2738 btw, which is why the command was added to scancode-toolkit. |
The import is implemented as a Gradle task in the spdx-utils module and can be run from the root of the ORT source tree like
I believe that issue has a slightly different use-case in mind. There are two places where ORT makes use of the ScanCode LicenseDB: For one, there's ORT's built-in list of SPDX (core) license IDs and associated texts. While we could exclusively query SPDX for this, we also query the ScanCode LicenseDB as it has the better formatted license text for SPDX licenses. Secondly, we also need the texts for ScanCode-specific licenses / LicenseRefs findings after running ScanCode, and these we currently get from the ScanCode installation directory. That's what aboutcode-org/scancode-toolkit#2738 is about. For the former use-case of getting license texts for SPDX licenses, I'd prefer to keep querying the remote ScanCode LicenseDB as that also works if ScanCode is not installed. |
|
Thanks for explaining @sschuberth 👍 |
This is a fixup for 2e7e231 now that [1] has a work-around. [1]: aboutcode-org/scancode-licensedb#32 Signed-off-by: Sebastian Schuberth <[email protected]>
|
Is this the reason why I am seeing for example: in Git commits (for example: 355f106 )? It seems that the only thing that is updated is the version number. Adding @pombredanne |
|
@armijnhemel no, that issue is tracked in #31, this issue was fixed by the PR above. |
During a license text import in ORT, I noticed that the following
LICENSEfiles seem to be missing:https://scancode-licensedb.aboutcode.org/adacore-doc.LICENSE
https://scancode-licensedb.aboutcode.org/bsd-advertising-acknowledgement.LICENSE
https://scancode-licensedb.aboutcode.org/cc-by-nc-sa-2.0-de.LICENSE
https://scancode-licensedb.aboutcode.org/cfitsio.LICENSE
https://scancode-licensedb.aboutcode.org/cornell-lossless-jpeg.LICENSE
https://scancode-licensedb.aboutcode.org/hpnd-export-us.LICENSE
https://scancode-licensedb.aboutcode.org/hpnd-sell-variant-mit-disclaimer.LICENSE
https://scancode-licensedb.aboutcode.org/iec-code-components-eula.LICENSE
https://scancode-licensedb.aboutcode.org/ijg-short.LICENSE
https://scancode-licensedb.aboutcode.org/jpl-image.LICENSE
https://scancode-licensedb.aboutcode.org/kazlib.LICENSE
https://scancode-licensedb.aboutcode.org/loop.LICENSE
https://scancode-licensedb.aboutcode.org/offis.LICENSE
https://scancode-licensedb.aboutcode.org/qpl-1.0-inria-2004.LICENSE
https://scancode-licensedb.aboutcode.org/symlinks.LICENSE
https://scancode-licensedb.aboutcode.org/tpdl.LICENSE
https://scancode-licensedb.aboutcode.org/ttwl.LICENSE
https://scancode-licensedb.aboutcode.org/ucar.LICENSE
https://scancode-licensedb.aboutcode.org/w3m.LICENSE
The text was updated successfully, but these errors were encountered: