Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/xform: migrate to SPDX identifier #15252

Merged
merged 1 commit into from
Dec 19, 2024
Merged

crypto/xform: migrate to SPDX identifier #15252

merged 1 commit into from
Dec 19, 2024

Conversation

jerpelea
Copy link
Contributor

@jerpelea jerpelea commented Dec 18, 2024
edited
Loading

Summary

Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

Impact

LICENSE

Testing

CI

@github-actions github-actions bot added Area: Crypto Size: XS The size of the change in this PR is very small labels Dec 18, 2024
@xiaoxiang781216
Copy link
Contributor

xiaoxiang781216 commented Dec 18, 2024
edited
Loading

xform.c is used by core crypto driver framework; we need find an alternative implementation.
@ThePassionate could you take a look?

@yamt
Copy link
Contributor

yamt commented Dec 18, 2024

the component is reported as GPL by FossID and should be replaced ASAP

isn't this file from openbsd?

@fxysunshine
Copy link

the component is reported as GPL by FossID and should be replaced ASAP

isn't this file from openbsd?

YES, it is from
https://github.com/openbsd/src/blob/master/sys/crypto/xform.c

@yamt
Copy link
Contributor

yamt commented Dec 18, 2024

so i suspect it's somehow misreported by FossID?

@fxysunshine
Copy link

fxysunshine commented Dec 18, 2024
edited
Loading

so i suspect it's somehow misreported by FossID?

@jerpelea We scanned the file xform.c with Black Duck Security and it showed that the license was BSD-3-Clause and no risk was reported.

cederom
cederom requested changes Dec 18, 2024
View reviewed changes
Copy link
Contributor

@cederom cederom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @jerpelea :-)

Looks like this will break stuff, and the component is BSD can be SPDX marked as BSD? :-)

@jerpelea
Copy link
Contributor Author

Thank you @jerpelea :-)

Looks like this will break stuff, and the component is BSD can be SPDX marked as BSD? :-)

it was pushed here to raise awareness

@jerpelea
Copy link
Contributor Author

jerpelea commented Dec 19, 2024
edited
Loading

so i suspect it's somehow misreported by FossID?

@jerpelea We scanned the file xform.c with Black Duck Security and it showed that the license was BSD-3-Clause and no risk was reported.

thanks for double checking
I will update the SPDX to 0BSD since I can not see any clause in the license and mention the conflict

jerpelea added a commit to jerpelea/nuttx that referenced this pull request Dec 19, 2024
@jerpelea
crypto/xform.c: migrate to SPDX identifier
bc911f7 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

NOTE
The code was reported as GPL by FOSS ID
and Xiaomi scanned the file xform.c with Black Duck Security and it showed
that the license was BSD-3-Clause and no risk was reported.

Since there is no clause on the license it was concluded as 0BSD

Refference
apache#15252

Signed-off-by: Alin Jerpelea <[email protected]>
@jerpelea
crypto/xform.c: migrate to SPDX identifier
977da70 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

NOTE
The code was reported as GPL by FOSS ID
and Xiaomi scanned the file xform.c with Black Duck Security and it showed
that the license was BSD-3-Clause and no risk was reported.

Since there is no clause on the license it was concluded as 0BSD

Refference
apache#15252

Signed-off-by: Alin Jerpelea <[email protected]>
@github-actions github-actions bot added Area: Documentation Improvements or additions to documentation Area: Tooling Area: Build system Area: CI Area: Networking Effects networking subsystem Arch: arm Issues related to ARM (32-bit) architecture Arch: arm64 Issues related to ARM64 (64-bit) architecture Arch: risc-v Issues related to the RISC-V (32-bit or 64-bit) architecture Arch: xtensa Issues related to the Xtensa architecture Area: Drivers Drivers issues Area: File System File System issues Area: OS Components OS Components issues Area: Sensors Sensors issues Area: BINFMT labels Dec 19, 2024
@github-actions github-actions bot added Size: S The size of the change in this PR is small and removed Area: Documentation Improvements or additions to documentation Area: Tooling Area: Build system Area: CI Area: Networking Effects networking subsystem Arch: arm Issues related to ARM (32-bit) architecture Arch: arm64 Issues related to ARM64 (64-bit) architecture Arch: risc-v Issues related to the RISC-V (32-bit or 64-bit) architecture Arch: xtensa Issues related to the Xtensa architecture Area: Drivers Drivers issues Area: File System File System issues Area: OS Components OS Components issues Area: Sensors Sensors issues Board: arm Board: risc-v Board: simulator Board: xtensa labels Dec 19, 2024
@jerpelea
Copy link
Contributor Author

@cederom please review and unlock the PR

@jerpelea
Copy link
Contributor Author

@xiaoxiang781216 @yamt @fxysunshine Thanks for all your answers

@jerpelea jerpelea changed the title crypto/xform: remove GPL component crypto/xform: migrate to SPDX identifier Dec 19, 2024
@jerpelea jerpelea requested a review from cederom December 19, 2024 01:20
cederom
cederom approved these changes Dec 19, 2024
View reviewed changes
Copy link
Contributor

@cederom cederom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @jerpelea !! :-)

yamt
yamt reviewed Dec 19, 2024
View reviewed changes
@xiaoxiang781216 xiaoxiang781216 merged commit d700641 into apache:master Dec 19, 2024
27 checks passed
@jerpelea jerpelea deleted the crypto branch December 19, 2024 07:21
jerpelea added a commit to jerpelea/nuttx that referenced this pull request Dec 19, 2024
@jerpelea
crypto/xform.c: migrate to SPDX identifier
2dcff81 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

NOTE
The code was reported as GPL by FOSS ID
and Xiaomi scanned the file xform.c with Black Duck Security and it showed
that the license was BSD-3-Clause and no risk was reported.

Since there is no clause on the license it was concluded as 0BSD

Refference
apache#15252

Signed-off-by: Alin Jerpelea <[email protected]>
@jerpelea jerpelea mentioned this pull request Dec 19, 2024
Merged
xiaoxiang781216 pushed a commit that referenced this pull request Dec 19, 2024
@jerpelea @xiaoxiang781216
crypto/xform.c: migrate to SPDX identifier
11bc75a 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

NOTE
The code was reported as GPL by FOSS ID
and Xiaomi scanned the file xform.c with Black Duck Security and it showed
that the license was BSD-3-Clause and no risk was reported.

Since there is no clause on the license it was concluded as 0BSD

Refference
#15252

Signed-off-by: Alin Jerpelea <[email protected]>
linguini1 pushed a commit to CarletonURocketry/nuttx that referenced this pull request Jan 15, 2025
@jerpelea @linguini1
crypto/xform.c: migrate to SPDX identifier
307f217 
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.

NOTE
The code was reported as GPL by FOSS ID
and Xiaomi scanned the file xform.c with Black Duck Security and it showed
that the license was BSD-3-Clause and no risk was reported.

Since there is no clause on the license it was concluded as 0BSD

Refference
apache#15252

Signed-off-by: Alin Jerpelea <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yamt yamt yamt left review comments

@cederom cederom cederom approved these changes

@xiaoxiang781216 xiaoxiang781216 Awaiting requested review from xiaoxiang781216

Assignees
No one assigned
Labels
Area: BINFMT Area: Crypto Size: S The size of the change in this PR is small
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jerpelea @xiaoxiang781216 @yamt @fxysunshine @cederom