Also generate SPDX SBOM #48
Labels
No Label
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
No Milestone
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: reuse/api#48
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
A potential feature could be that we run
reuse spdx
after each lint, and offer this file (so a SPDX software bill of materials) for download on the info page.This may slightly increase load on our worker machine, and some extra traffic on api.reuse.software. But since it's plain text, that will probably be marginal.
A challenge would be to somehow get the SBOM to the API, and find a clever way to store it there. Right now, we only take the lint output (so basically the output via SSH and its exit code).
Accessing the SBOM from the database may be easiest and most secure, but also the most performant?