shields
shields copied to clipboard
Published
20 hours ago •
badges
badges
Badge request: FOSSA
FOSSA.io provides scanning of FOSS licenses of the project and its dependencies. It supports generating shields itself, but they're limited (no options like on shields.io). Example:
https://app.fossa.io/api/projects/git%2Bgithub.com%2FAthari%2FCsConsoleFormat.svg
https://app.fossa.io/api/projects/git%2Bgithub.com%2FAthari%2FCsConsoleFormat.svg?type=shield
There's API, but it's only available for paying Enterprise customers. However, the SVG badge itself can be parsed, I guess.
@paulmelnikow Like I said, they have:
- Badge API which generates SVG containing all necessary data (I think it's either "passing" or "failing", haven't seen other statuses).
- Actual API which is only available for "enterprise customers".
I emailed them asking about public API for data which is available in the form of the badge, but didn't receive a reply.
We do have code to parse the svg badges.
For a user, would there be an advantage of our badge over theirs?
@paulmelnikow Their badge provides no options like text, icon, colors etc. I rely on data URIs to generate pretty badges, so I miss icon option in particular. (Before you ask — yes, I did spend a couple of hours generating heavily optimized icon PNGs for every service. 😆)
For a user, would there be an advantage of our badge over theirs?
A few minor customization options would be welcome for consistency's sake. I enjoy the flat-square style, which isn't available with FOSSA's existing badges.
This is a response that should result in a green/passing badge. But I've no idea which key is relevant and also haven't found a documentation. Have asked the support, will update the comment if I get an answer.
https://app.fossa.com/api/revisions/git%2Bgithub.com%2FAstrotomic%2Fstancy%245c224f48a8fe07f17d53af6450089fa7c93564a8
JSON Response
{
"loc":{
"fetcher":"git",
"package":"github.com/Astrotomic/stancy",
"revision":"5c224f48a8fe07f17d53af6450089fa7c93564a8"
},
"licenses":[
{
"title":"MIT",
"id":4877914,
"licenseId":"MIT",
"revisionId":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"licenseGroupId":3606614,
"projectCorrectionId":null,
"ignored":false,
"url":null,
"text":"MIT License\n\nCopyright (c) 2019 Tom Witkowski\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n",
"copyright":"2019 Tom Witkowski",
"file_count":4,
"manual":false,
"createdAt":"2019-09-24T21:42:06.050Z",
"updatedAt":"2019-09-24T21:42:06.050Z"
}
],
"discoveredLicenses":[
],
"locator":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"url":null,
"resolved":true,
"projectId":"git+github.com/Astrotomic/stancy",
"unsupported":false,
"source_type":"ComposerPackage",
"error":"",
"parent_locator":"git+github.com/Astrotomic/stancy$ee8619138a8d7422c765f0e256bebbe8769ec44a",
"attribution_file":null,
"transitive_excludes":[
],
"author":"GitHub <[email protected]>",
"message":"does not work",
"revision_timestamp":"2019-09-24 21:37:31.000 +00:00",
"all_origin_paths":[
"laravel-framework-372e0ad/src/Illuminate/Config/composer.json",
"illuminate-bus-9ea8830/composer.json",
"illuminate-mail-5cb31d1/composer.json",
"spatie-laravel-sitemap-d234204/composer.json",
"illuminate-events-3762761/composer.json",
"illuminate-auth-1711604/composer.json",
"spatie-sheets-14d900f/composer.json",
"illuminate-database-bb4dc8d/composer.json",
"illuminate-broadcasting-f5a970e/composer.json",
"illuminate-pipeline-0d2193f/composer.json",
"spatie-laravel-view-models-9eeaa79/composer.json",
"illuminate-translation-897bb69/composer.json",
"illuminate-filesystem-bf9ad9d/composer.json",
"illuminate-console-db17810/composer.json",
"illuminate-container-d6d5358/composer.json",
"illuminate-queue-5e667f0/composer.json",
"composer.json",
"illuminate-session-5587614/composer.json",
"illuminate-http-c78762e/composer.json",
"illuminate-view-727708a/composer.json",
"spatie-laravel-menu-999ceeb/composer.json",
"spatie-laravel-export-c10aebb/composer.json",
"."
],
"license_count":9,
"dependency_count":91,
"todo_count":7,
"unresolved_issue_count":0,
"dependency_cache_valid":"2019-09-24T21:42:54.777Z",
"dependency_cache_updated":"2019-09-24T21:42:54.777Z",
"package_cache_error":null,
"integration_hook_status":"COMPLETE",
"integration_hook_updated_at":"2019-09-24T21:42:48.667Z",
"link":null,
"declaredLicense":"MIT",
"latestRevisionScanId":1223236,
"createdAt":"2019-09-24T21:37:32.789Z",
"updatedAt":"2019-09-25T07:54:49.771Z",
"meta":[
{
"organizationId":1390,
"revisionId":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"last_scan":"2019-09-24T21:42:43.780Z",
"to_scan":null,
"createdAt":"2019-09-24T21:42:35.038Z",
"updatedAt":"2019-09-24T21:42:43.780Z"
}
],
"project":{
"title":"stancy",
"description":"🚧 WIP",
"locator":"git+github.com/Astrotomic/stancy",
"url":"https://github.com/Astrotomic/stancy",
"public":true,
"browsing_access_level":"common",
"browsing_access_depth":5,
"transitive_excludes":[
],
"project_scopes":[
"compile",
"runtime"
],
"organizationId":1390,
"bom_column_settings":[
],
"default_branch":"master",
"scan_mediated_dependencies":true,
"require_mediated_dependencies":false,
"authors":[
"[email protected]"
],
"projectCorrection":null
},
"isSteady":true,
"revisionScans":[
{
"id":1223236,
"scanned_at":"2019-09-24T21:42:43.532Z",
"organizationId":1390,
"revisionId":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"policyMeta":{
"licensing":{
"title":"Standard Bundle Distribution",
"default_action":"APPROVE",
"rules":[
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"Apache-1.1",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"GPL-2.0-only",
"notes":"These packages contain code files that may require you to disclose your source code under a compatible license, unless they’re distributed and run as completely separate processes & packages.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"EPL-1.0",
"notes":"Safe if code isn’t modified and notice requirements are followed. Otherwise, you must state and disclose the source code of modifications/derivative works.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"ZPL-2.0",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"ZPL-1.1",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"GPL-3.0-with-GCC-exception",
"notes":"Safe to include or link in an executable provided that source availability/attribution requirements are followed.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"LGPL-2.1-only",
"notes":"Requires you to (effectively) disclose your source code if the library is statically linked to your project. Not triggered if dynamically linked or a separate process.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"UPL-1.0",
"notes":"A highly permissive license similar to the MIT License with added features including an explicit patent grant, clear ability to relicense (to commercial, proprietary, copyleft or etc...) and usable as a CLA.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"GPL-2.0-with-classpath-exception",
"notes":"Safe to include or link in an executable provided that source availability/attribution requirements are followed.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"W3C",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"GPL-3.0-only",
"notes":"These packages contain code files that may require you to disclose your source code under a compatible license, unless they’re distributed and run as completely separate processes & packages.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"Zlib",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"DENY",
"target":"license",
"targetId":null,
"licenseId":"SimPL-2.0",
"notes":"SimPL requires you to disclose the source code of “derivative” works (similar to GPL). Due to the ambiguity of what triggers a “derivative” work, we by default deny SimPL.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"BSD-3-Clause",
"notes":null,
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"BSD-2-Clause",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"BSL-1.0",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"MPL-1.1",
"notes":"Safe if code isn’t modified and notice requirements are followed. Otherwise, you must state and disclose the source code of modifications/derivative works.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"ISC",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"LGPL-3.0-only",
"notes":"Requires you to (effectively) disclose your source code if the library is statically linked to your project. Not triggered if dynamically linked or a separate process.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"AGPL-3.0-only",
"notes":"These packages contain code files that may require you to disclose your source code under a compatible license, unless they’re distributed and run as completely separate processes & packages. AGPL also contains provisions requiring delivery of installation information for consumer devices (which may be inconsistent with use in closed systems).",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"Python-2.0",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"PDDL-1.0",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"MS-RL",
"notes":"Safe if code isn’t modified and notice requirements are followed. Otherwise, you must state and disclose the source code of modifications/derivative works.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"CDDL-1.0",
"notes":"Safe if code isn’t modified and notice requirements are followed. Otherwise, you must state and disclose the source code of modifications/derivative works.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"CPOL-1.02",
"notes":"You cannot use the package for “illegal, immoral or improper purposes” or “distribute the Executable Files or Source Code with any technological measures that control access or use of the Work in a manner inconsistent with the terms of this License” (which may be inconsistent with delivery in closed systems) and you must “ensure that anyone receiving such Executable Files and Source Code agrees that the terms of this License apply to such Executable Files and/or Source Code” (which requires an assent mechanism).",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"ZPL-2.1",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"AFL-3.0",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"MPL-2.0",
"notes":"Safe if code isn’t modified and notice requirements are followed. Otherwise, you must state and disclose the source code of modifications/derivative works.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"MIT",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"WTFPL",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"ClArtistic",
"notes":"Safe if code isn’t modified and notice requirements are followed. Otherwise, you must state and disclose the source code of modifications/derivative works.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"Artistic-2.0",
"notes":"Safe if code isn’t modified and notice requirements are followed. Otherwise, you must state and disclose the source code of modifications/derivative works.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"Artistic-2.0",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"FLAG",
"target":"license",
"targetId":null,
"licenseId":"Artistic-1.0",
"notes":"Safe if code isn’t modified and notice requirements are followed. Otherwise, you must state and disclose the source code of modifications/derivative works.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
},
{
"action":"APPROVE",
"target":"license",
"targetId":null,
"licenseId":"Apache-2.0",
"notes":"Permissive license which is perfectly safe to use provided proper attribution is given and retained.",
"depthCondition":null,
"nameCondition":null,
"linkingCondition":null,
"minimumPriority":null,
"maximumPriority":null
}
]
}
},
"createdAt":"2019-09-24T21:42:43.000Z",
"updatedAt":"2019-09-24T21:42:43.000Z"
}
],
"issues":[
{
"humanReadableType":"flagged project",
"priorityString":"low",
"type":"policy_flag",
"resolved":false,
"parents":[
{
"locator":"git+github.com/Astrotomic/stancy",
"IssueProject":{
"resolved":true
}
}
],
"RevisionScanIssue":{
"revisionScanId":1223236,
"issueId":240367,
"createdAt":"2019-09-24T21:42:43.000Z",
"updatedAt":"2019-09-24T21:42:43.000Z"
}
},
{
"humanReadableType":"flagged project",
"priorityString":"low",
"type":"policy_flag",
"resolved":false,
"parents":[
{
"locator":"git+github.com/Astrotomic/stancy",
"IssueProject":{
"resolved":true
}
}
],
"RevisionScanIssue":{
"revisionScanId":1223236,
"issueId":240368,
"createdAt":"2019-09-24T21:42:43.000Z",
"updatedAt":"2019-09-24T21:42:43.000Z"
}
}
],
"unresolved_issue_counts":{
},
"dependencies":[
{
"loc":{
"fetcher":"comp",
"package":"spatie/sheets",
"revision":"1.3.3"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+spatie/sheets$1.3.3",
"resolved":true,
"parent_locator":"comp+spatie/sheets$1.3.2",
"project":{
"locator":"comp+spatie/sheets",
"title":"spatie/sheets",
"organizationId":null,
"url":"https://github.com/spatie/sheets",
"description":"Store & retrieve your static content in plain text files"
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+spatie/sheets$1.3.3",
"unresolved_locator":"comp+spatie/sheets$^1.3.3",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.859Z",
"updatedAt":"2019-09-24T21:42:05.859Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
},
{
"loc":{
"fetcher":"comp",
"package":"spatie/schema-org",
"revision":"2.3.0"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+spatie/schema-org$2.3.0",
"resolved":true,
"parent_locator":"comp+spatie/schema-org$2.2.1",
"project":{
"locator":"comp+spatie/schema-org",
"title":"spatie/schema-org",
"organizationId":null,
"url":"https://github.com/spatie/schema-org",
"description":"A fluent builder Schema.org types and ld+json generator"
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+spatie/schema-org$2.3.0",
"unresolved_locator":"comp+spatie/schema-org$^2.3",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.859Z",
"updatedAt":"2019-09-24T21:42:05.859Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
},
{
"loc":{
"fetcher":"comp",
"package":"spatie/laravel-view-models",
"revision":"1.2.0"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+spatie/laravel-view-models$1.2.0",
"resolved":true,
"parent_locator":"comp+spatie/laravel-view-models$1.1.1",
"project":{
"locator":"comp+spatie/laravel-view-models",
"title":"spatie/laravel-view-models",
"organizationId":null,
"url":"https://github.com/spatie/laravel-view-models",
"description":"View models in Laravel"
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+spatie/laravel-view-models$1.2.0",
"unresolved_locator":"comp+spatie/laravel-view-models$^1.2",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.859Z",
"updatedAt":"2019-09-24T21:42:05.859Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
},
{
"loc":{
"fetcher":"comp",
"package":"spatie/laravel-sitemap",
"revision":"5.5.0"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+spatie/laravel-sitemap$5.5.0",
"resolved":true,
"parent_locator":"comp+spatie/laravel-sitemap$5.4.0",
"project":{
"locator":"comp+spatie/laravel-sitemap",
"title":"spatie/laravel-sitemap",
"organizationId":null,
"url":"https://github.com/spatie/laravel-sitemap",
"description":"Create and generate sitemaps with ease"
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+spatie/laravel-sitemap$5.5.0",
"unresolved_locator":"comp+spatie/laravel-sitemap$^5.4",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.859Z",
"updatedAt":"2019-09-24T21:42:05.859Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
},
{
"loc":{
"fetcher":"comp",
"package":"spatie/laravel-menu",
"revision":"3.4.0"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+spatie/laravel-menu$3.4.0",
"resolved":true,
"parent_locator":"comp+spatie/laravel-menu$3.3.1",
"project":{
"locator":"comp+spatie/laravel-menu",
"title":"spatie/laravel-menu",
"organizationId":null,
"url":"https://github.com/spatie/laravel-menu",
"description":"Html menu generator for Laravel"
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+spatie/laravel-menu$3.4.0",
"unresolved_locator":"comp+spatie/laravel-menu$^3.4",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.858Z",
"updatedAt":"2019-09-24T21:42:05.858Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
},
{
"loc":{
"fetcher":"comp",
"package":"spatie/laravel-feed",
"revision":"2.4.1"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+spatie/laravel-feed$2.4.1",
"resolved":true,
"parent_locator":"comp+spatie/laravel-feed$2.4.0",
"project":{
"locator":"comp+spatie/laravel-feed",
"title":"spatie/laravel-feed",
"organizationId":null,
"url":"https://github.com/spatie/laravel-feed",
"description":"Generates rss feed"
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+spatie/laravel-feed$2.4.1",
"unresolved_locator":"comp+spatie/laravel-feed$^2.4",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.858Z",
"updatedAt":"2019-09-24T21:42:05.858Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
},
{
"loc":{
"fetcher":"comp",
"package":"spatie/laravel-blade-x",
"revision":"2.3.0"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+spatie/laravel-blade-x$2.3.0",
"resolved":true,
"parent_locator":"comp+spatie/laravel-blade-x$2.2.3",
"project":{
"locator":"comp+spatie/laravel-blade-x",
"title":"spatie/laravel-blade-x",
"organizationId":null,
"url":"https://github.com/spatie/laravel-blade-x",
"description":"Supercharged Blade components"
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+spatie/laravel-blade-x$2.3.0",
"unresolved_locator":"comp+spatie/laravel-blade-x$^2.3",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.858Z",
"updatedAt":"2019-09-24T21:42:05.858Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
},
{
"loc":{
"fetcher":"comp",
"package":"spatie/laravel-export",
"revision":"0.1.5"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+spatie/laravel-export$0.1.5",
"resolved":true,
"parent_locator":"comp+spatie/laravel-export$0.1.4",
"project":{
"locator":"comp+spatie/laravel-export",
"title":"spatie/laravel-export",
"organizationId":null,
"url":"https://github.com/spatie/laravel-export",
"description":"Create a static site bundle from a Laravel app"
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+spatie/laravel-export$0.1.5",
"unresolved_locator":"comp+spatie/laravel-export$^0.1.5",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.858Z",
"updatedAt":"2019-09-24T21:42:05.858Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
},
{
"loc":{
"fetcher":"comp",
"package":"illuminate/support",
"revision":"v6.0.4"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+illuminate/support$v6.0.4",
"resolved":true,
"parent_locator":"comp+illuminate/support$v6.0.3",
"project":{
"locator":"comp+illuminate/support",
"title":"illuminate/support",
"organizationId":null,
"url":"https://laravel.com",
"description":"The Illuminate Support package."
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+illuminate/support$v6.0.4",
"unresolved_locator":"comp+illuminate/support$^6.0",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.858Z",
"updatedAt":"2019-09-24T21:42:05.858Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
},
{
"loc":{
"fetcher":"comp",
"package":"spatie/data-transfer-object",
"revision":"1.9.0"
},
"licenses":[
],
"discoveredLicenses":[
],
"locator":"comp+spatie/data-transfer-object$1.9.0",
"resolved":true,
"parent_locator":"comp+spatie/data-transfer-object$1.8.0",
"project":{
"locator":"comp+spatie/data-transfer-object",
"title":"spatie/data-transfer-object",
"organizationId":null,
"url":"https://github.com/spatie/data-transfer-object",
"description":"Data transfer objects with batteries included"
},
"Dependency":{
"manual":false,
"parent":"git+github.com/Astrotomic/stancy$5c224f48a8fe07f17d53af6450089fa7c93564a8",
"child":"comp+spatie/data-transfer-object$1.9.0",
"unresolved_locator":"comp+spatie/data-transfer-object$^1.9",
"origin_paths":[
"composer.json"
],
"optional":false,
"transitive_excludes":[
],
"tags":[
],
"is_submodule":false,
"createdAt":"2019-09-24T21:42:05.858Z",
"updatedAt":"2019-09-24T21:42:05.858Z"
},
"origin_paths":[
"composer.json"
],
"optional":false,
"manual":false
}
]
}
I guess it's the unresolved_issue_count field that determines whether a scan is passing.
I'm willing to contribute a pr if this solution is acceptable.
FOSSA.io provides scanning of FOSS licenses of the project and its dependencies. It supports generating shields itself, but they're limited (no options like on shields.io). Example:
https://app.fossa.io/api/projects/git%2Bgithub.com%2FAthari%2FCsConsoleFormat.svghttps://app.fossa.io/api/projects/git%2Bgithub.com%2FAthari%2FCsConsoleFormat.svg?type=shieldThere's API, but it's only available for paying Enterprise customers. However, the SVG badge itself can be parsed, I guess.
👋
