ort icon indicating copy to clipboard operation
ort copied to clipboard

Published 20 hours ago verified publisher icon oss-review-toolkit

Come up with a generic way to create IDs for local packages with missing metadata

Open sschuberth opened this issue 5 years ago • 2 comments

We have different fallbacks for this case in different package manages (GoDep, Npm, Pip, Unmanaged, and probably more), but we should unify the handling.

sschuberth avatar Oct 02 '20 08:10 sschuberth

Some more thoughts on the topic of "generating" project IDs: Running e.g. GoDepFunTest via Travis CI on a fork of ORT currently fails as the expected result hard-codes the upstream URL "github.com/oss-review-toolkit/ort". But actually I believe just having the name "ort", the path inside the repository, and the revision should be enough to uniquely identify the project (actually, the Git SHA1 alone should already be), and as a bonus, unmodified forks would be considered as the same project.

Edit: The above will for now be addressed by https://github.com/oss-review-toolkit/ort/pull/3207.

sschuberth avatar Oct 13 '20 08:10 sschuberth

The situation has improved since https://github.com/oss-review-toolkit/ort/pull/6544, but it is not used consistently yet.

sschuberth avatar Apr 29 '24 10:04 sschuberth

Closed as part of backlog grooming. Feel free to comment if you would like to contribute to this.

sschuberth avatar May 27 '24 08:05 sschuberth