tdruez

The content in https://github.com/django/django/tree/main/docs/releases seems to be manually added though.

@swastkk I think you are missing my initial point: > The changelog can be automatically generated from the commits at release time. What would be more interesting instead of maintaining...

> Why? @vargenau `golang` and `alpine` types are not yet supported by `purl2url`. Could you please provide the expected output for each of your examples, this would help to add...

@vargenau I've added `golang` support for the `get_repo_url` in https://github.com/package-url/packageurl-python/commit/fffc8ac24b27cd60518cb8e302e2c4c9abd37212#diff-2f9af27ff6ddefbfe1bd9790a393d43c19fd1f4c5325be411898a260517ca164R241 It is available in the latest version. > purl2url.get_download_url("pkg:golang/xorm.io/[email protected]") > could return > https://pkg.go.dev/xorm.io/[email protected]#section-sourcefiles > This is not optimal, I...

@CsatariGergely could you provide some examples of `golang` purls that would not be supported at the moment? I do not see any addition to the test data in your PR.

> What do you think about this regex @jloehel You should add the URL listing in the `url2purl.json` with their expected PURLs. You can then run the tests and adapt...

> These are different!!! How do we know what type (curations/regular) we are dealing with?

@AyanSinhaMahapatra I don't think it's a good idea to break the previous behavior like this. Instead, the empty license compliance alert should be driven by the license policy conf.

@RabeeaEgbareia You can try again disabling multiprocessing first, as suggested previously: https://github.com/nexB/scancode.io/issues/642#issuecomment-1496308424

https://scancodeio.readthedocs.io/en/latest/application-settings.html#scancodeio-processes