tdruez
tdruez
DejaCode displays data as provided by ScanCode.io (powered by ScanCode-toolkit). If the presented values seem wrong, this is likely an issue on the toolkit side. ``` $ scancode --json-pp -...
Going through the discussion, I see 2 main issues: 1. Only superusers can manage the object permissions through the admin. 2. The permissions are not shared across loosely "related" objects,...
We should implement this as a new pipeline. The enrich data can be included in the exports when available.
@rabajaj0509 https://scancodeio.readthedocs.io/en/latest/contributing.html is a good start.
> Identify all forms and processes that refer to VCID in DejaCode and determine how to adapt them to Advisory ID. In DejaCode, the "Vulnerability VCID" is defined as a...
@pombredanne Could you provide some context and reasoning about the need for this?
I'm asking for more context because I’m wondering if a date-based approach is the best fit here. For instance, what’s the benefit of a daily build if there were no...
@AyanSinhaMahapatra Is the problem still exist after the merge of https://github.com/aboutcode-org/scancode.io/pull/1418 ?
@pombredanne Any suggestions? Also, keep in mind that this command was made to be executed in a container execution context, such as: ``` docker run --rm \ ghcr.io/nexb/scancode.io:latest \ sh...
@chinyeungli `DiscoveredDependency.datafile_resource` so the first option is to keep it null (and maybe use another field to keep a loose relation/information about the `pom.xml`) The second approach would be to...