Sebastian Schuberth

icon indicating a website link https://www.doubleopen.org/

icon company CTO of @doubleopen-project icon location Berlin, Germany icon location A Kotlin enthusiast who's enjoying to work with and on Open Source Software.

Results 1572 comments of Sebastian Schuberth

Version 0.14.0 misses several source packages

Ok, interesting: With `--prefer-source` I can get the source package again, but then the binary package URL is missing. Is there a way to restore the original behavior to get...

Version 0.14.0 misses several source packages

So, the way it seems to have worked in `python-inspector` 0.10.0 is that whole separate packages were created for binary and source packages, essentially doubling the number of packages. With...

Version 0.14.0 misses several source packages

We use these options: ```json "options": [ "--analyze-setup-py-insecurely", "--index-url https://pypi.org/simple", "--json-pdt /tmp/ort-PythonInspector5393608600190755772/python-inspector8932738510953399825.json", "--operating-system linux", "--python-version 27", "--setup-py /home/sebastian/Development/GitHub/oss-review-toolkit/ort/plugins/package-managers/python/src/funTest/assets/projects/external/spdx-tools-python/setup.py", "--verbose" ], ``` On this file: https://github.com/spdx/tools-python/blob/a48022e65a8897d0e4f2e93d8e53695d2c13ea23/setup.py

Version 0.14.0 misses several source packages

> Is there a way to restore the original behavior to get the binary _and_ source package URLs in a single run? Ping on this. I'm just curious whether it...

Consolidate Scan Storages

For reference, this also relates to the pending draft at https://github.com/oss-review-toolkit/ort/pull/5516 which tries to address the storage configuration complexity by centralizing and reusing it.

Consolidate Scan Storages

> To simplify the configuration, the proposal is to consolidate the configuration to just two types of data: That distinction makes sense to me. And maybe the interfaces should be...

Consolidate Scan Storages

> we support package and provenance based storages. I would like to remove the support for package based storages I'm fine with removing support for package-based storages. Just as a...

Add an option to disrespect ignore files

@jpeddicord, mind having a look?

SSLHandshakeException with ClearlyDefined.io

This ``` Caused by: ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Caused by: SunCertPathBuilderException: unable to find valid certification path to requested...

SSLHandshakeException with ClearlyDefined.io

@georg-eckert-zeiss, can you re-test with a recent ORT release as we've switched to Java 21 which probably comes with updated certificates?