... | ... | @@ -26,17 +26,7 @@ Each report has a specific usage, and for general analysis we recommend looking |
|
|
|
|
|
|
|
|
----
|
|
|
When a violation is found, like `NPM::argparse:1.0.10`, then one needs to assess the package and add a new entry in the IPZilla knowledge base. It will be soon exported as a curation file and re-integrated in the following scans, removing the violation.
|
|
|
|
|
|
The best way to check a dependency or violation is to go to the run's [Web App report](https://ort-vm1.eclipse.org/files/ecd.che/che/202204120849/scan-report-web-app.html) and dive into the violation tree:
|
|
|
|
|
|
### ClearlyDefined
|
|
|
|
|
|
After a run the remaining violations are checked against the [clearlydefined](https://clearlydefined.io) knowledge base and, if found, exported as curations in the `conf/curations/clearlydefined_curations.yml file`. The curations found and checked during the run will be integrated into the following run automatically.
|
|
|
|
|
|
### Automatic submission
|
|
|
|
|
|
Remaining entries are then fed into the dash tool, which checks (again..) the clearlydefined knowledge base and then optionally submit entries into the IPLab DB.
|
|
|
When a violation is found, like `NPM::argparse:1.0.10`, then one needs to assess the package and add a new entry in the [IPLab knowledge base](https://gitlab.eclipse.org/eclipsefdn/emo-team/iplab). It will be soon exported as a curation file and re-integrated in the following scans, removing the violation.
|
|
|
|
|
|
## Common errors
|
|
|
|
... | ... | |