Philippe Ombredanne
Philippe Ombredanne
Some directions: - [x] #399 - [x] #400 - [ ] https://github.com/nexB/scancode.io/issues/787 - [ ] https://lief.re/ (for ELF/Mach-O/PE symbols) - [ ] https://github.com/AlDanial/cloc (for Cloc) - [ ] some tool...
UBI stands for Universal Base Image and is based on RHEL (not open source) We should index these images so we can match them (and their packages) For instance: https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/images/8.8-1067.1696517599...
We have indexes at https://packages.microsoft.com/cbl-mariner - https://packages.microsoft.com/yumrepos/ - All the RPM repos ... also mostly in https://packages.microsoft.com/config/ (but excluding Mariner there) - https://packages.microsoft.com/repos/ - All the apt repos .... also...
We need to find, scan and index the source package of a distro package found in a container. Why? the binaries most often have sketchy origin and license data. Some...
If I run the README instructions: ``` git clone https://github.com/nexb/purldb cd purldb make dev make envfile make postgres make postgres_matchcodeio ``` This fails with: ``` django.core.exceptions.ImproperlyConfigured: Set the SECRET_KEY environment...
Reference: https://github.com/nexB/purldb/issues/132
Some PURLs may not be classified correctly in their Package set: ``` "package_content": "source_repo", "purl": "pkg:maven/org.apache.htrace/[email protected]?classifier=sources ``` .... should be a source_archive ``` "package_content": "source_archive", "purl": "pkg:maven/org.apache.htrace/[email protected]", ``` ... should...
We should create and publish on RTD a comprehensive installation and usage documentation for the various PURL-based services of PurlDB. This should be backed by a publicly accessible demo system