Johannes Kristan
Johannes Kristan
_From @bs-jokri on December 12, 2016 10:3_ Instead of manually uploading the source code attachments into sw360, one wants to have the option to use an external repository for data-keeping....
When a license info file is generated with spdx reports, it should be possible to disable found licenses if concluded licenses are available.
As a project responsible I want to have a quick overview about the vulnerabilities that are still open and fixed of my project. I would expect to have a report...
_From @bs-jokri on December 19, 2016 16:47_ Several stakeholders have requested an integration of sw360 with RTC. This ticket collects all information that is found to realize such an integration....
Sometimes one needs to deliver one spdx report for the complete set of dependencies of a project. Since we have spdx reports for all used releases it would be good...
It should be possible to have licenses associated with a state that indicates whether this license is already gone through a clearing process. (Is required to mark licenses imported from...
_From @bs-jokri on August 3, 2016 7:55_ Currently, only attachments to components are used as data source for disclosure document generation. It is required that also the imported information from...
_From @bs-jokri on September 18, 2017 14:22_ Currently, the license ref ID is used as license name from sPDX files. However, in Protex SPDX reports you also have a name...
_From @heydenreich on November 23, 2016 10:45_ When implementing permissions with shiro, only the "old" checks where replaced by new ones. But with shiro, you are able to specify new...