Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Nishant Choudhary
    @nishantc7
    Hi @rtgdk how do I run tests for the api code in the python3 branch? python src/manage.py test app.tests works for me for app tests, but none of the api tests seem to execute for me with test api.tests, here are the logs.
    Santiago Torres
    @SantiagoTorres
    @nishantc7 are you using this branch? https://github.com/spdx/spdx-online-tools/tree/python3
    1 reply
    RishabhBhatnagar
    @RishabhBhatnagar

    I had one doubt though. Correct me if I'm wrong. The SPDX Document that is mentioned in the problem statement points to the in-memory representation of the document struct of the data model.

    @Tarunmoses, yes, you're right.

    Sahil Nirkhe
    @stacks13
    Mentors @goneall @zvr , I've shared my draft proposal for your consideration for Generate a JSON Representation of the Specification from Structured Markdown
    Please do have a look.
    Gary O'Neall
    @goneall
    @m1kit There are 3 license matcher implementations in the SPDX repos. There is a Python matcher based on Regular Expressions implemented with a goal of supporting the full matching guidelines: https://github.com/spdx/spdx_python_licensematching A Java implementation within the SPDX Java Tools: https://github.com/spdx/Spdx-Java-Library/blob/master/src/main/java/org/spdx/utility/compare/LicenseCompareHelper.java and the spdx-license-matcher mentioned in your post.
    9 replies
    Gary O'Neall
    @goneall

    Any ideas or any relevant sources from which i can work on this??

    @thealphacod3r You can look at the Java design for how it achieved the same goal by creating system interface for storing the SPDX model in different formats - the documentation is here: https://github.com/spdx/Spdx-Java-Library#storage-interface

    Another approach would be to implement readers and writers that would deserialize and serialize the files based on the format. Each reader would be implemented in a separate Github project and would be a dependency that can be wired in when needed - similar to the storage implementation approach used by the Java code.
    @GSOC_ASPIRANTS I just went through the drafts submitted so far. Be sure to turn in your final submissions before the deadline.
    Gary O'Neall
    @goneall
    @nyxiative Sorry I missed your post until now (for some reason gitter notifications stopped working for me) - This error seems to be a problem in JPype (one of our dependencies) and can be solved by restarting the server. I restarted the server. If you run into the error again, please post an issue at https://github.com/spdx/spdx-online-tools/issues
    Nirmal Suthar
    @nirmal-suthar
    Hello @goneall @zvr , I have submitted my draft proposal on gsoc website for the project Generate a JSON Respresentation of the Specification from Structured Markdown, can you please have a look and provide feedback if any. Thanks :)
    Alexios Zavras (zvr)
    @zvr
    @m1kit since we're at the last day, with hours to go before the deadline, I'd say we should stop discussing whether the idea is good and proceed with the submission! An improved license matcher is always welcome, so feel free to submit a proposal on the topic. But you have to write it in such a way that you provide detailed information to help us understand what you will be doing and how this will be different (better) than what is already there...
    1 reply
    Alexios Zavras (zvr)
    @zvr
    @m1kit if you don't have time to cover everything. remember: it's much more worthwhile to expand on your proposed solution than on the problem!
    Mikit
    @m1kit

    @m1kit if you don't have time to cover everything. remember: it's much more worthwhile to expand on your proposed solution than on the problem!

    Okay, I'll focus on how to solve the issues. Thank you for your advices!

    Rohit Lodha
    @rtgdk
    @GSOC_ASPIRANTS Make sure to upload the final pdf proposal before 18:00GMT today.
    Don't worry if your draft wasn't reviewed by all the mentors, pdf should be uploaded and we can discuss the proposal later.
    Gary O'Neall
    @goneall
    @m1kit Just catching up on gitter this morning - glad to see you are already submitting the proposal - Yes - I think there is value in the improvements suggested. I haven't had a chance to review due to some meeting conflicts, but we can discuss after the final submittal.
    Mikit
    @m1kit
    @goneall I believe that this proposal will contribute to the entire open source community, as several communities are looking for an accurate license matching library. I understand that there is no guarantee of acceptance, but I hope you will consider it. Thank you.
    Umang Taneja
    @Ugtan
    @goneall Token-based algorithms are fine to compare license text that looks similar but what if the two sentences look different syntactically but have the same meaning? Isn't the license matcher supposed to take into consideration the meaning of the sentences? There can be various ways to write a sentence that would have the same meaning.
    2 replies
    Gary O'Neall
    @goneall

    Isn't the license matcher supposed to take into consideration the meaning of the sentences? There can be various ways to write a sentence that would have the same meaning.

    There is a specific set of rules the SPDX legal team came up with to define what legal terms are considered the same "meaning" documented in the License Matching Guidelines. Some of these guidelines are easier to implement in code than others.

    1 reply
    Iwan Aucamp
    @aucampia
    hi, not sure if this is the best place to ask, is there some tools for managing license headers in source files
    Gary O'Neall
    @goneall
    @aucampia Take a look at the reuse-tool which provides some support for the license headers. If you haven't already, take a look at Appendix IX for some recommendations on documenting license information in source files.
    Iwan Aucamp
    @aucampia
    thanks gary, looks decent, is there any other similar tools? Just for interest sake
    actually it is awesome, I was worried I cant specify config but it does what I want it to do, very nice
    Mikit
    @m1kit
    I just received an acceptance email from Google. I'm very excited and I'm looking forward to working with this organization in the coming months. Thank you for considering my proposal despite the very late submission.
    It's 3 am Japan time now, so let's discuss the details of the plan after tomorrow. Good night!😪
    Aman
    @thealphacod3r
    @m1kit Congratulations buddy!💯
    seabass
    @seabass:fosdem.org
    [m]
    Congratulations! :)
    Alexios Zavras (zvr)
    @zvr
    Congratulations to all who were selected, but also to all who submitted proposals! The large majority was all of high quality -- it's too bad we can select only a single student for a task and that there are not enough mentors for us to be able to run more tasks.
    Looking forward to an exciting GSoC season!
    Gary O'Neall
    @goneall
    I'll add my congratulations to all those participating in this year's GSoC. I was impressed with the number of quality submittals. I'm looking forward to the summer.
    Ujjwal Agarwal
    @specter25
    I would like to thank my mentors @RishabhBhatnagar and @swinslow sir for selecting me for the JSON support for Golang Libraries project . Really looking forward to contribute to the SPDX community . Thanks a lot sir .
    Umang Taneja
    @Ugtan
    Thank you so much to all the mentors for giving me this wonderful opportunity to be part of program again for SPDX. Looking forward to yet another productive summer.
    Tarun Akumalla
    @Tarunmoses
    I would like to thank my mentors @RishabhBhatnagar and @goneall for selecting my proposal, I'm glad and excited to be a part of the community and contribute to the project.
    Anthony Ronda
    @anthonyronda
    Hi, I recently introduced myself to SPDX legal, and thought I'd join in here and say hello as well
    I'm excited to help out!
    Gary O'Neall
    @goneall
    Hi @anthonyronda Welcome to SPDX!
    Anthony Ronda
    @anthonyronda
    Thanks Gary!
    If any of you have heard of MSFT's FOSS compliance effort ClearlyDefined, their team lead gave me the go ahead to ask if any of you have suggestions on a recent issue they've encountered clearlydefined/spdx#21
    image.png
    I like this project a lot, it's given me a few ideas within my org. It might help to understand better if you saw what is going on in their UI (above)
    Thomas Steenbergen
    @tsteenbe
    @anthonyronda We use ClearlyDefined in OSS Review Toolkit (ORT), to get package license metadata corrections for packages found by ORT. Unfortunately ClearlyDefined has a lot of NOASSERTIONs which make it difficult to use in ORT as it computes based on valid SPDX expressions
    seabass
    @seabass:fosdem.org
    [m]
    Hello anthonyronda; nice to see you around here :)
    Anthony Ronda
    @anthonyronda
    @tsteenbe I can totally see how that's frustrating. I've encountered discussions/complaints relating to NONE and NOASSERTION in a couple places, and the pressure to conform to a given standard often seems to be placed on the tools rather than the components with undiscoverable or missing data. NOASSERTION is the only correct value in such cases until a curation can set it to NONE or create a valid SPDX expression based on an undiscoverable license
    anyway, I can see why they made that choice
    your experience with ORT should prove really useful cracking their parens conundrum!
    seabass
    @seabass:fosdem.org
    [m]
    @zvr, hello! On the the May 28th Tech Team meeting, I suggested contacting Tidelift for permission to use their logo on the website
    I think you said you were in correspondance with Luis Villa?
    Please let me know how things are going on that front; I'm more than happy to contact them if you have other commitments right now :)
    seabass
    @seabass:fosdem.org
    [m]
    @tsteenbe: hello
    There's the General Meeting running now
    I think everyone would like to hear from you about the Vulnerabilities Profile :)
    关龙
    @gl041188_gitlab
    hello