Comments (5)
The "Delta" of missing licenses is contained within this JSON file:
https://github.com/CycloneDX/sbom-utility/blob/main/docs/spdx-licenses-3-20-delta.json
from sbom-utility.
It would be interesting to write a script to take the published JSON index from SPDX vX.X and produce a merged (must be a merge, not an overwrite or custom notes/annotations would be lost)license.json
. This should improve future version updates.
from sbom-utility.
Please note that the MIT-equivalent "children" need a review as we have no verifiable reference to where these were found:
"children": [
"MIT-iOS",
"MIT-1.0",
"MIT-1.1",
"MIT-2.0"
],
from sbom-utility.
Also, along the MIT-equivalent "children" review please verify this:
{
"id": "",
"name": "BSD-equivalent",
"family": "BSD-equivalent",
"reference": "",
"osi": false,
"fsf": false,
"usagePolicy": "allow",
"annotationRefs": [
"APPROVED",
"NO-SPDX-ID"
],
"notes": [
"No SPDX IDs for 18 \"BSD-equivalent\" variants listed here:",
"BSD Facebook",
"BSD Google Patents File",
"BSD Antlr",
"BSD Bootstrap",
"BSD Bzip2",
"BSD DOM4J",
"BSD Eclipse Distribution License (EDL)",
"BSD HSQLDB",
"BSD Infozip",
"BSD Jaxen",
"BSD JSch",
"BSD NetSNMP",
"BSD OpenLayers",
"BSD Openssl",
"BSD Rene Nyffenegger license",
"BSD Sqlite3-ruby",
"BSD XStream",
"BSD YUI"
]
},
from sbom-utility.
Update: Should now look to use the latest 3.21 templates
from sbom-utility.
Related Issues (20)
- Enhancement: Summarize "duplicate components" schema error HOT 5
- Enhancement: Add testcases to validate JSF signatures HOT 1
- replace deprecated `ioutil` package functions with latest advised `io` and `os` package replacements HOT 10
- Support stdin for input HOT 1
- Include config.json and licenses.json in the compiled executable HOT 2
- Support Graph rendering of dependences and formatted (graph) output
- Testcase: Need test for new complex "licenseChoice" schema defn. HOT 1
- Create Microsoft Softare Installer (MSI) file for Windows
- Testcase: Need new test case for new "Creation Tools" object
- Release v013.0 is missing release assets HOT 2
- Testcase: Need testcase that has a CDXService with no "bom-ref"
- Support OWASP SCVS "Profiles" for use in validation, trimming, etc. commands
- `diff` panics while diffing two files HOT 9
- SIGSEGV: segmentation violation code=0x2 addr=0x0 pc=0x104bfa024
- Feature Request - Generate JSON with entire structure
- TODO: Change Formulation and ModelCard schemas to use pointers HOT 1
- Support SPDX in the "patch" command
- Add support for "legacy" and new `Tool` structure introduced in CycloneDX v1.5 HOT 1
- Support for both the v1.5 component evidence `identity` and the v1.6 array of `componentIdentityEvidence` HOT 2
- Add Apache Skywalking-eyes license checking to GitHub action CI workflow HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sbom-utility.