feat(package-configurations): Add some path excludes for commons-compress #192
Conversation
There was a problem hiding this comment.
I also package configuration for this package that is pending us agree on some rules. Mine was party generated with ort helper cli and a bit more elaborate/complete, propose you we use mine.
---
id: "Maven:org.apache.commons:commons-compress:1.26.2"
vcs:
type: "Git"
url: "https://gitbox.apache.org/repos/asf/commons-compress.git"
revision: "95727006cac0892c654951c4e7f1db142462f22a"
path_excludes:
- pattern: ".github/**"
reason: "BUILD_TOOL_OF"
- pattern: "CODE_OF_CONDUCT.md"
reason: "DOCUMENTATION_OF"
- pattern: "CONTRIBUTING.md"
reason: "DOCUMENTATION_OF"
- pattern: "SECURITY.md"
reason: "DOCUMENTATION_OF"
- pattern: "src/changes/**"
reason: "DOCUMENTATION_OF"
- pattern: "src/main/java/org/apache/commons/compress/archivers/examples/**"
reason: "EXAMPLE_OF"
- pattern: "src/site/**"
reason: "DOCUMENTATION_OF"
- pattern: "src/test/**"
reason: "TEST_OF"
license_finding_curations:
- path: "src/main/java/org/apache/commons/compress/archivers/zip/*.java"
detected_license: "LicenseRef-scancode-proprietary-license"
reason: "REFERENCE"
comment: |
Match on 'Refer to the section in this document entitled Incorporating PKWARE Proprietary Technology
into Your Product" for more information', see
https://github.com/apache/commons-compress/blob/rel/commons-compress-1.26.2/src/main/java/org/apache/commons/compress/archivers/zip/X0017_StrongEncryptionHeader.java#L251-L252
Git blame on sentence so this is a reference to ZIP file format specification, see
https://github.com/apache/commons-compress/commit/a433f62
concluded_license: "NONE"
IMO that's not a reason to block this PR, though. I'm sorry, but we cannot hold our breath and wait for you to move things forward, see also #131 which has been pending for almost a year.
Edit: Scratch that, I missed that it's covered by the broader |
package-configurations/Maven/org.apache.commons/commons-compress/1.26.2/vcs.yml
Outdated
Show resolved
Hide resolved
Did I say I wan't to block this PR - maybe it wasn't clear from my comment but I simply requested this PR to be updated to include the additional line from the codeblock in my comment |
The main goal of excluding the `src/test` directory is to exclude the
file at
src/test/resources/org/apache/commons/compress/COMPRESS-649/some-900kb-text.txt
(also see [1]) which contains random text in a single line, causing
ScanCode 32.1.0 to time out.
[1]: https://github.com/apache/commons-compress/blob/rel/commons-compress-1.26.2/src/test/resources/org/apache/commons/compress/COMPRESS-649/some-900kb-text.txt
Signed-off-by: Sebastian Schuberth <[email protected]>
Incorporate reviewed changed from @tsteenbe, see [1]. [1]: #192 (review) Signed-off-by: Sebastian Schuberth <[email protected]>
sschuberth
force-pushed
the
exclude-commons-compress-900kb-text
branch
from
0f7a5a2
to
5b91e14
Compare
Incorporate reviewed changed from @tsteenbe, see [1]. [1]: #192 (review) Signed-off-by: Thomas Steenbergen <[email protected]> Signed-off-by: Sebastian Schuberth <[email protected]>
sschuberth
force-pushed
the
exclude-commons-compress-900kb-text
branch
from
5b91e14
to
d56bbf9
Compare
Then this was indeed a misunderstanding. I've reviewed and incorporated your changes. |
First and foremost, exclude
some-900kb-text.txt1 which just contains random text in a single line, which makes ScanCode time out.Secondly, while at it, also exclude the
.githubbuild directory committed to VCS.