... | ... | @@ -4,12 +4,28 @@ When your project has been analysed, either via an [ad-hoc execution](Executing- |
|
|
|
|
|
## Classic workflow
|
|
|
|
|
|
There are different ways to get to a repo's analysis:
|
|
|
* Either via its project: https://ort-vm1.eclipse.org/projects/ -- which also lists the runs associated to the project,
|
|
|
* Or directly via the list of runs: https://ort-vm1.eclipse.org/runs/.
|
|
|
|
|
|
![image](uploads/abd788afba4a1032225c04bb57c6ac0e/image.png)
|
|
|
|
|
|
Each run offers the following information:
|
|
|
* Project, repository and time of analysis.
|
|
|
* The number of violations, as well as a CSV export to run further analysis on your favourite BI tool.
|
|
|
* The log file of the run.
|
|
|
* Links to the various reports generated by ORT: WebApp report, Static html report, Notice file, SPDX SBOM, CycloneDX SBOM.
|
|
|
|
|
|
Each report has a specific usage, and for general analysis we recommend looking at the WebApp report:
|
|
|
|
|
|
![image](uploads/1f22a166b314e0142dc0480b21aca2ea/image.png)
|
|
|
|
|
|
|
|
|
----
|
|
|
When a violation is found, like `NPM::argparse:1.0.10`, then one needs to assess the package and add a new entry in the IPZilla knowledge base. It will be soon exported as a curation file and re-integrated in the following scans, removing the violation.
|
|
|
|
|
|
The best way to check a dependency or violation is to go to the run's [Web App report](https://ort-vm1.eclipse.org/files/ecd.che/che/202204120849/scan-report-web-app.html) and dive into the violation tree:
|
|
|
|
|
|
![Screenshot_at_2022-04-05_11-01-16](uploads/7bb5e31e5b6b74f6db72093885798662/Screenshot_at_2022-04-05_11-01-16.png)
|
|
|
|
|
|
### ClearlyDefined
|
|
|
|
|
|
After a run the remaining violations are checked against the [clearlydefined](https://clearlydefined.io) knowledge base and, if found, exported as curations in the `conf/curations/clearlydefined_curations.yml file`. The curations found and checked during the run will be integrated into the following run automatically.
|
... | ... | |