dejacode

dejacode copied to clipboard

When doing vulnerability management, it would be useful to track a global, dataspace Package a default purpose and default deployment. This is an important context item for vulnerability mitigation prioritization....

pombredanne

BUG: Packages being created with inadequate PURL data

2

This problem actually is associated with multiple AboutCode projects, but the impact is most apparent to the DejaCode user. A recent import of an SBOM to a product in DejaCode...

DennisClark

Enhancement request: Preserve parentheses in a license expression defined in "License choices"

3

**Problem** The DejaCode "License choices" model was originally constructed before the introduction of the WITH operator. In order to align with emerging SPDX standards, we deprecated licenses that were actually...

DennisClark

BUG: DejaCode exported CycloneDX SBOM does not retain dependency relationship

3

**Describe the bug** Current DejaCode versions already represent the relationships between packages in a product's inventory and their dependencies with other packages. However, when exporting an SBOM that relationship is...

rogu-beta

BUG: Usage policy not assigned despite successful scan

5

**Describe the bug** If a package scan through `scan_single_package` in ScanCode.io intially failed, the pipeline is restarted manually in ScanCode.io, and it completes successfully, then no usage policy (e.g. Approved...

rogu-beta

Add XLSX export to DejaCode product

1

It would be nice to have an XLSX export in the "Share" option of a DejaCode product, to get an ouput similar to that of ScanCode.io

pombredanne

An admin form is in place but not fully working. Ideally we should be able to handle those from the main UI.

tdruez

**Is your enhancement request related to a problem? Please describe.** When integrating DejaCode in CI pipelines it is currently unclear when you can start retrieving data from it, since there...

rogu-beta

Enhancement request: API access to ScanCode.io scan results for a package

1

**Is your enhancement request related to a problem? Please describe.** It is currently not possible to access the scan results through DejaCode's API both because there is no API endpoint...

rogu-beta

Enhancement request: Support submitting NuGet PURLs for scanning with ScanCode.io

5

**Is your enhancement request related to a problem? Please describe.** Currently the scanning of NuGet packages does not seem to work as no `scan_single_package` is getting triggered. **What are the...

rogu-beta