Need specific file type pattern option and License Version #875

Closed
gnchalla opened this issue Dec 21, 2017 · 7 comments
@gnchalla

  1. I have many file patterns in my scan area, as of now the tool has an option to ignore those.

--ignore README --ignore ".jar" --ignore ".msb" --ignore ".pl" --ignore ".py" --ignore ".log" --ignore ".loc" --ignore ".1" --ignore ".xml" --ignore ".ref" --ignore ".rsf" --ignore ".ini" --ignore ".pom" --ignore ".rar" --ignore ".html" --ignore ".css" --ignore ".png" --ignore ".xml" --ignore ".nlb" --ignore ".htm" --ignore ".image" --ignore ".gif" --ignore ".po" --ignore ".mo" --ignore ".mak" --ignore ".sh" --ignore ".wsdl" --ignore ".pm" --ignore ".h" --ignore ".pod" --ignore ".map" --ignore ".pls" --ignore ".sql" --ignore ".xsd" --ignore ".cmd" --ignore ".jpg" --ignore ".js" --ignore ".LAYOUT" --ignore ".msg" --ignore ".bat" --ignore ".txt" --ignore ".ctl" --ignore ".cfg" --ignore ".lst" --ignore ".ttf" --ignore ".jsp" --ignore ".ini" --ignore ".tif" --ignore ".info" --ignore ".zip" --ignore ".ear" --ignore ".bmp" --ignore ".LIC" --ignore ".ico" --ignore ".keep" --ignore ".db" --ignore ".doc" --ignore ".lnk" --ignore ".cfs" --ignore ".mkelem" --ignore ".bnd" --ignore "..SAVF" --ignore ".xmit" --ignore ".m" --ignore ".xliff" --ignore ".nls" --ignore ".xlf" --ignore "*.properties"

Instead of ignore option, do we have an option to scan only particular pattern files?
for example want to scan only *.c

  2. Do we have an option to get the license version of particular scanned file along with license name, score etc?

Please provide the info.

@pombredanne
Member

Thanks for the report!

> Instead of ignore option, do we have an option to scan only particular pattern files? for example want to scan only *.c

You are right, there is a way to ignore/exclude but not to include (though the underlying code already supports it).

> Do we have an option to get the license version of particular scanned file along with license name,score etc?

What do you mean there? Each returned license has an exact version when the license is versioned. What are you missing there? Any example?

@gnchalla
Author

Thanks for the quick reply.

  1. On the first requirement, could you provide an option to use pattern search (include) similar to --ignore in the commandline?
  2. On the second one,

For example libxml2.so file is in my scan area, which returns the license_key as gpl-1.0-plus,

But usually organizations to have compliance with regards to licensing, they try to buy/get licences for the particular version. In case of libxml2.so, latest version is 2.9.7. So, this version info is not returned by the tool. So is there a way to provide the particular version of the file/binary in the scan report?

Please let me know if I need to provide more info. Thanks.

@gnchalla
Author

Could you please prioritize this requirement?

@pombredanne
Member

@gnchalla sorry for the late reply, but this was the holiday break

> On the first requirement, could you provide an option to use pattern search (include) similar to --ignore in the commandline?

The current architecture for plugins does not support this yet, but will soon once we are done with #787.
When this is there, some help would be much welcomed to write such a plugin.

> For example libxml2.so file is in my scan area, which returns the license_key as gpl-1.0-plus,

This sounds unlikely and could be a false positive. Can you provide a download link to this version of libxml2.so? Also what is the score/coverage and license text when you run the detection as JSON with these extra flags --diag --license-text ?

> But usually organizations to have compliance with regards to licensing, they try to buy/get licences for the particular version.

I am not sure where you can buy libxml! Did someone sell it to you?
I get that you use a certain version and that's the version you need scan info for otherwise.

> In case of libxml2.so, latest version is 2.9.7. So, this version info is not returned by the tool. So is there a way to provide the particular version of the file/binary in the scan report?

Well to the best of my knowledge, there is neither a universal nor even a common or conventional way to get the version from an ELF binary. What happens at times is that there is a version string that may be baked in the built binary, but even that string has no specific format. The only way to get proper identification of versions is through matching against a large index of known binaries. This is a complex thing and not a job for ScanCode, but a job for an upcoming tool called MatchCode that will be released as part of the AboutCode tool suite.
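
The point made in the comment above, as an added example that is not part of the original thread and is not ScanCode or MatchCode code: strings baked into a binary yield several version-like tokens with no way to tell which one is the release, while a lookup in an index of known binaries gives one answer. The byte string, the index and the function names are constructed for illustration, and an exact SHA-256 lookup is assumed here as the simplest form of index matching.

```python
import hashlib
import re

# Printable ASCII runs of 4+ bytes, the same heuristic the `strings` tool uses.
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")
# Dotted numeric tokens such as 2.9.7; a heuristic, since no format is mandated.
VERSION_LIKE = re.compile(r"(?<![\d.])\d+(?:\.\d+){1,3}(?![\d.])")


def version_candidates(blob):
    """Return sorted, de-duplicated version-like tokens found in embedded strings."""
    found = set()
    for run in PRINTABLE_RUN.findall(blob):
        found.update(VERSION_LIKE.findall(run.decode("ascii")))
    return sorted(found)


def identify_by_hash(blob, known_index):
    """Look up the SHA-256 of the file in an index of known binaries."""
    return known_index.get(hashlib.sha256(blob).hexdigest())


# Constructed sample, not a real libxml2.so: an ELF magic header followed by
# the kinds of strings a shared library can carry.
SAMPLE_BLOB = (
    b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8
    + b"libxml2.so.2\x00"     # soname: ABI number, not the release
    + b"LIBXML2_2.4.30\x00"   # symbol-version tag from an older interface
    + b"LIBXML2_2.9.0\x00"    # another symbol-version tag
    + b"GLIBC_2.14\x00"       # requirement on a different library
    + b"1.2.11\x00"           # version of some other bundled component
    + b"20907\x00"            # packed number the dotted pattern cannot see
)

# Hypothetical index of known binaries: SHA-256 -> (component, version).
KNOWN_INDEX = {hashlib.sha256(SAMPLE_BLOB).hexdigest(): ("libxml2", "2.9.7")}

if __name__ == "__main__":
    print("string candidates:", version_candidates(SAMPLE_BLOB))
    print("index match:", identify_by_hash(SAMPLE_BLOB, KNOWN_INDEX))
```

None of the four string candidates is 2.9.7, and a file that differs by a single byte from the indexed one returns no match, which is why a large index of known builds is needed for reliable identification.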

@pombredanne
Member

@gnchalla ping? any feedback on my last comment?

@pombredanne
Member

@chiragmp FYI this may be a feature you want e.g

> Instead of ignore option, do we have an option to scan only particular pattern files? for example want to scan only *.c

or this may be the same as in #1104

pombredanne added a commit that referenced this issue Feb 26, 2019
Signed-off-by: Philippe Ombredanne <[email protected]>
pombredanne added a commit that referenced this issue Mar 5, 2019
Signed-off-by: Philippe Ombredanne <[email protected]>
pombredanne added a commit that referenced this issue Mar 7, 2019
Support multiple input path in CLI #875 #1397

Reported-by: Nico Bucher @nicobucher
Signed-off-by: Philippe Ombredanne <[email protected]>
@pombredanne
Member

@gnchalla there is a new option in the develop branch called include that works this way: --include="*JGroup*" --ignore "*.S" ... and it is also possible to enter multiple path arguments.
Thank you for your patience!
I am closing now and your feedback here is welcomed.
