-
Jamie Tanna authored
As a step towards #223, we can introduce a new table, `external_licenses`, which provides the ability to store licensing information for dependencies, without relying on DMD's means for determining license data. As part of #223, this will be retrieved from SBOMs, but this also makes it possible to sideload the data from other sources, such as more consistent or reliable means (taking care to note #251!). As we're adding a new table, we need to set up the boilerplate, including the `repositories.Repository` interface. Note that this is slightly different to `depsdev_licenses`, as this now includes a `package_manager`. As these values may be inserted manually, we should make sure that validation is enforced on the table.
985b7b21Jamie Tanna authoredAs a step towards #223, we can introduce a new table, `external_licenses`, which provides the ability to store licensing information for dependencies, without relying on DMD's means for determining license data. As part of #223, this will be retrieved from SBOMs, but this also makes it possible to sideload the data from other sources, such as more consistent or reliable means (taking care to note #251!). As we're adding a new table, we need to set up the boilerplate, including the `repositories.Repository` interface. Note that this is slightly different to `depsdev_licenses`, as this now includes a `package_manager`. As these values may be inserted manually, we should make sure that validation is enforced on the table.
Loading