cavil
cavil copied to clipboard
openSUSE
The legal review and SBOM system used by SUSE and openSUSE
Bumps [undici](https://github.com/nodejs/undici) from 5.28.3 to 5.28.4. Release notes Sourced from undici's releases. v5.28.4 :warning: Security Release :warning: Fixes https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7 CVE-2024-30260 Fixes https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672 CVE-2024-30261 Full Changelog: https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4 Commits fb98306 Bumped v5.28.4...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Currently we have to look at PostgreSQL directly to review ML classification results. This has become rather tedious with an increasing number of classification failures. We are going to need...
From the report it should be easier to create new license patterns. For many keyword matches Cavil already has a good estimation for what the license pattern metadata will look...
``` Dec 04 13:13:02 legaldb cavil[1636]: [1636] [e] Non-existing path in SPDX report 329096: /data/auto-co/legal-bot/java-11-openjdk/2a9e351679e9f9d5f078110b24744813/.unpacked/openjdk/test/jdk/sun/misc/URLClassPath/testclasses/+ª-ë-ï+Ñ-å-î.class Dec 04 13:13:05 legaldb cavil[1636]: [1636] [e] Non-existing path in SPDX report 329096: /data/auto-co/legal-bot/java-11-openjdk/2a9e351679e9f9d5f078110b24744813/.unpacked/openjdk/test/jdk/sun/security/tools/jarsigner/JarSigning_RU/New/ðñð©ÐêðÁÐÇ/English Dec...
``` ldig@legaldb:~/cavil> ./script/cavil minion job -f 28673440 T: 445 files ... Deep recursion on subroutine "File::Unpack::unpack" at /usr/lib/perl5/vendor_perl/5.18.2/File/Unpack.pm line 1170. unpack('/data/auto-co/legal-bot/gcc46/5c4638b8b35ffd2d07223f6844e9f64e/.unpacked/gcc-4.6.2-20111212/libgo/go/archive/zip/testdata/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r','/data/auto-co/legal-bot/gcc46/5c4638b8b35ffd2d07223f6844e9f64e/.unpacked/gcc-4.6.2-20111212/libgo/go/archive/zip/testdata/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r/r'): recursion limit 200 at /home/ldig/cavil/script/../lib/Cavil/Checkout.pm line 154. [2019-07-04 06:52:47.58874]...
Hello this is an example copy-paste, where rather than GPL-2.0+ we should use GPL-2.0-or-later and similar. It has happened to me a few times, that we've accepted changes to devel...
Hello team, SUSE is currently running a pilot of Github Copilot https://mysuse.sharepoint.com/sites/github-copilot-pilot/SitePages/Introduction.aspx So far it is a pilot aware of "AI Pair programmer" https://opensource.suse.com/legal/policy and none of the code will...
Currently it is very hard to audit and possibly correct any already finished reviews. We could probably expand the file viewer to show all pattern matches for the whole file,...
Hello team! from a position of person fast-tracking Leap legal reviews in my spare time. As part of my reviews if I see a package where list of licenses doesn't...