Robert
Robert
This issue still appears in version 4.10.1. It would be great if child projects would be included in the listing. Our use case is to group different versions under a...
This is currently a major issue for me adopting DejaCode for real projects. I'd be willing to contribute / collaborate on this enhancement, but I'm currently unfamiliar with the codebase...
@pombredanne It's great to hear that you are already working on this. Sorry for missing the existing tickets, we can close this one if you think this is a complete...
> It helps, but is not essential. BTW the BSI link you posted https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03183/BSI-TR-03183-2.pdf?__blob=publicationFile&v=5 is awesome. I love that it references ScanCode licenses DB. But I am puzzled by their...
@pombredanne DejaCode now already represents used packages and dependencies in its internal model, which can be nicely viewed. However, the **exported SBOM still contain incorrect information** where all dependencies are...
@tdruez Yes, it shows both "Configured" and "Available" with a green checkmark. The `load_sbom` pipeline works ([with limitations](https://github.com/nexB/scancode.io/issues/1230)) and packages are being added to the project, but they are not...
The same issue seems to happen when using "Scan" > "Scan All Packages". The UI reports that the job has been successfully submitted, but they never appear in the scan...
@tdruez Unfortunately no errors are being reported. It looks like DejaCode thinks it has successfully submitted a job, but the ScanCode.io log does not indicate that it is receiving anything...
It seems that you're right, the imported packages from the SBOM only have the "Package URL" and "Inferred URL" populated, but not "Download URL". The SBOM that was uploaded has...
@tdruez There does not appear to be any documentation as far as I'm aware. The properties can be found in https://github.com/CycloneDX/cdxgen/blob/4a27933ee55914afecbd465ba4ca9a1da62a9cc1/utils.js#L818 being added through `pkg.properties` and `apkg.properties`. Wouldn't it make...