Jono Yang
Jono Yang
This PR updates `DatafileHandler.assemble()` and `DatafileHandler.assemble_from_many()` to yield Packages, Dependencies, and Resources before associating Packages to Resources using a `package_adder`. This is to help with using packagedcode Package handlers in...
I have compiled a text file that contains erroneous copyright detection values. I have removed quote characters and separated each copyright value by several lines. [bad-copyright-detections.txt](https://github.com/nexB/scancode-toolkit/files/5985058/bad-copyright-detections.txt)
We want to reuse the code from the `assembly()` method of the different `PackageHandler`s in scancode.io, and the current method of associating Packages to Resources (in the `assembly()` methods), where...
This is related to https://github.com/nexB/scancode.io/issues/447, where we are implementing the Package assembly step of Package scanning in scancode.io. In scancode.io, we need to create the Package before we can associate...
In the case of podspec manifests, sometimes the version is defined in a variable and we end up capturing the version variable name as the version value rather than the...
Scancode does not associate all Package Resources to a system Package when running --system_package on a Debian RootFS that was extracted with extractcode. This problem is caused by extractcode replacing...
In my program, I am calling `cli.run_scan()` to get information using the scancode scanners. I also want to strip the roots from the paths of the Resources from the scan,...
When scanning the package `atheris v 2.0.11` (https://github.com/google/atheris/archive/refs/tags/2.0.11.tar.gz) using the `--summary` plugin, the `declared_holder` value in the scan summary is `Bitshift`, which is the author of the package. This was...
I downloaded a distroless docker image from `docker://gcr.io/distroless/base`, extracted the layers, and run scancode on them using the `--system-package` option. However, scancode did not return any system installed packages.
I am scanning `electron` v 3.1.11 from npm (https://www.npmjs.com/package/electron) and I do not see any values in the `for_packages` field for the scanned Resources, other than the `package.json` Resource. I...