Sebastian Schuberth
Sebastian Schuberth
I'm just wondering whether there is any best practice / built-in means to "share" exit codes from chained subcommands. Because if one subcommand fails, you may still want to continue...
Like others (see related issues) I'm struggling with installing rugged, either because of missing tools / libraries (like CMake) or simply because it takes long. So how about simply publishing...
The Windows build has been [broken](https://github.com/libgit2/rugged/issues/612) multiple [times](https://github.com/libgit2/rugged/issues/669) already, so probably adding CI on Windows via [AppVeyor](https://www.appveyor.com/) in addition to Travis CI is a good idea. Apparently that was @arthurschreiber's...
It would be nice if the dependency reporting could be limited to a specific project directory. Usually, I'm not interested in all dependencies of all packages, but only in the...
According to [this comment](https://discuss.gradle.org/t/gradle-upgrade-from-v4-7-to-v7-3-3-gives-failed-to-notify-project-evaluation-listener-error/41844/2) from @Vampire there is no value in using Gradle's "all" vs. the standard "bin" distribution when using Kotlin DSL for the build scripts, which is what...
Please have a look at the individual commit messages for the details. *Note to the reviewers:* Please do not put too much effort into reviewing the (intermediate) CSV-based implementation, as...
In order to compare scan results with other scanners, and to be able to continue any existing workflows within FOSSology, it would be nice to use [FOSSology's REST API](https://www.fossology.org/get-started/basic-rest-api-calls/) to...
ORT's analyzer has various problems with resolving Python / PIP dependencies - [ ] Dependencies on native packages require native system stool to be installed, see #4578. - [ ]...
Maybe this could be used to more easily interchange analyzer / scanner / reporter results, see https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=sarif. *Edit:* Potential libraries to use - https://github.com/detekt/sarif4j - https://github.com/JetBrains/qodana-sarif
Since the CycloneDX 1.2 spec, [the dependency graph moved from an extension to a core feature](https://github.com/CycloneDX/cyclonedx-core-java/issues/99#issuecomment-820619180). So after https://github.com/oss-review-toolkit/ort/pull/3897 is merged, we could make use of it as the hierarchy...