Daniel Kreck
Daniel Kreck
Hi, by default, fossa excludes test dependencies which is great. For gradle builds, this is determined by a list of configurations that are considered as test dependencies. As far as...
Hello, we are currently trying to upgrade `jackson-dataformat-xml` in our product from `2.11.4` to `2.12.4`. However, with the new version we encounter problems when it comes to using `defaultUseWrapper(false)` in...
An ORT scan is applied on downloaded source code of external dependencies and on the scanned project itself. The latter is necessary to also cover OSS code that has been...
### Describe the bug When I perform an ORT analysis on our NPM project, I get an error (see below) for some of the `package.json` files of the project. The...
### Describe the bug This is a follow-up to #10721. While the fix correctly preserves the original license operator (OR) when applying package curations to packages that already have a...
### Describe the bug When scanning projects containing AngularJS dependencies (`angular`, `angular-sanitize`, and `angular-animate` in version 1.8.3), ORT version 70.1.0 fails with an `IllegalArgumentException` stating "Found multiple scan results for...
This is a follow-up fix of https://github.com/oss-review-toolkit/ort/pull/10961. There is an edge case where the original fix doesn't work: In case of two declared licenses of which one is no proper...
### Describe the bug The ORT evaluator incorrectly reports license violations when a package has multiple license findings with both license choices and path excludes applied. This seems to be...