Jamie Tanna authored
As part of #223, we want to consume licensing information from SBOMs, if found.

We've now introduced the `external_licenses` table, which will house this data; we need to consume it.

We can update each SBOM parser and also pull out licensing information, if present. With this data, we can then insert it in bulk into the `external_licenses` table.

This requires we introduce a new `License` domain model, which matches the schema for `external_licenses` and does _not_ match `depsdev_licenses` due to us not storing a `package_manager`.

Although not many SBOMs - including those from Dependabot - include any licensing information, we can at least wire it in, so as and when we have the data made available, we can report on it.

Closes #223.
a97561c4
This project is licensed under the Apache License 2.0.