FEAT: Option to add copyright to SBOM result #1310
Comments
|
I want to implement this feature. My plan is to include checking for copyright evidences to the Any Legal stuff I need to know for attaching a proper evidence? I would scan LICENSE and NOTICE like files for a line that starts with |
followup of #1309 - fixed some false-positives for license evidences. - refactored some functionality, so that it is much easier to add #1310 later Signed-off-by: Jan Kowalleck <[email protected]>
jkowalleck
changed the title
I've assigned the ticket to you and flagged it as "need help" to signal that others are welcome to participate and discuss.
Basically nothing. I'd suggest connecting with other pears from the CycloneDX community and discuss expectations and requirements. I would expect this feature to be discussed on a broader basis, not webpack-only, and implemented dedicated to webpack, then. You may go with a minimal-viable-product approach at first, and follow with improvements via additional pull requests later. Please join the community slack (invite) to find others and experts in the field. |
closes: CycloneDX#1310 Signed-off-by: frozen_byte <[email protected]>
Is your feature request related to a problem? Please describe.
For legal documentation, I need the copyright holder for components.
Describe the solution you'd like
An option to enable integration of the copyright holder
Additional context
from discussion #1309 (comment)
For this feature it is necessary to scan the license-text for a copyright notice. This is already done by the license-scanner written in go and may become handy while implementing.
The text was updated successfully, but these errors were encountered: