... | ... | @@ -3,7 +3,8 @@ The various configuration files recognised by ORT and used for our setup are all |
|
|
* `config.yml` is the main configuration file for ORT, used for backend cache, scancode options, etc.
|
|
|
* `evaluator.rules.kts` declares what category of licenses are ok in our context, and includes the OSADL matrix computations.
|
|
|
* `license-classifications.yml` defines the category of licenses that we use (approved or ignored). This file is regularly updated from [Eclipse's official list](https://www.eclipse.org/legal/licenses.json).
|
|
|
* `curations/` contains all the curations we manually feed to ORT.
|
|
|
* `curations/` is a folder containing all the curations we manually feed to ORT.
|
|
|
* `repositories/` is a folder containing all the curations and resolutions related to analysed projects and repositories.
|
|
|
|
|
|
|
|
|
## Generic structure
|
... | ... | @@ -14,17 +15,18 @@ The various configuration files recognised by ORT and used for our setup are all |
|
|
|
|
|
Curations are used to correct invalid or missing package metadata, configure licenses mapping, or set the concluded license for packages.
|
|
|
|
|
|
The defined process includes curations retrieved from [clearlydefined](https://clearlydefined.io) and from the [Eclipse IPLab](https://gitlab.eclipse.org/eclipsefdn/emo-team/iplab).
|
|
|
The defined process includes curations retrieved from [clearlydefined](https://clearlydefined.io) and from the [Eclipse IPLab](https://gitlab.eclipse.org/eclipsefdn/emo-team/iplab) project.
|
|
|
|
|
|
IPLab is the official reference for dependencies manually vetted by the Eclipse IP team. A dedicated script exports the whole set of validated issues as [a YML file](http://www.eclipse.org/projects/services/curations.yml.php), and we [regularly update](Strategy-for-global-analysis) ORT configuration with the newest export.
|
|
|
**IPLab** is the official reference for dependencies manually vetted by the Eclipse IP team. A dedicated script exports the whole set of validated issues as [a YML file](http://www.eclipse.org/projects/services/curations.yml.php), and we [regularly update](Strategy-for-global-analysis) ORT configuration with the newest export.
|
|
|
|
|
|
For more information about curations, see the official documentation for curations hosted in their repository [1]. There is an example file provided for convenience [2].
|
|
|
For more information about curations, see the [official documentation](https://github.com/oss-review-toolkit/ort/blob/main/docs/config-file-curations-yml.md) for curations hosted in their repository. There is an [example file](https://github.com/oss-review-toolkit/ort/blob/main/examples/curations.yml) provided for convenience.
|
|
|
|
|
|
[1] https://github.com/oss-review-toolkit/ort/blob/main/docs/config-file-curations-yml.md \
|
|
|
[2] https://github.com/oss-review-toolkit/ort/blob/main/examples/curations.yml
|
|
|
|
|
|
## Repositories
|
|
|
|
|
|
## Repository resolutions
|
|
|
The process uses repository-specific curations and resolutions when executing the analysis on projects.
|
|
|
* If a file named `ort.yml` already exists at the root of the repository, then we use it.
|
|
|
* Otherwise we use the one stored in the folder `repositories/<project>/<repo>`. If it doesn't exist there already, we use a [default one](https://gitlab.eclipse.org/eclipsefdn/emo-team/eclipsefdn-ort/-/blob/main/conf/repositories/ort_template.yml).
|
|
|
|
|
|
Note on resolutions: \
|
|
|
[Resolutions](https://github.com/oss-review-toolkit/ort/blob/main/docs/config-file-resolutions-yml.md) allow you to resolve issues, policy rule violations or vulnerabilities on specific projects, by providing a reason why they are acceptable and can be ignored. |
|
|
|