Comments (1)
SuperChen-CC
commented on July 17, 2024
@yangfande362
Currently, OpenSCA does not provide a component knowledge database. The method to obtain component Licenses at present is by identifying them from the dependency description files(Example of parsing maven). Therefore, if the dependency description files do not describe or declare a License, OpenSCA may not be able to recognize it. As a result, the License column in the exported report might be left blank.
Regarding your other inquiry, due to historical reasons, we neglected to add the License field in the SQLlite Output. We will rectify this oversight in the new version.
Lastly, about the feature requirements for IDE plugins, we will take them into consideration. Thank you for your feedback.
from opensca-cli.
Related Issues (20)
- if support other online vunerability database? HOT 1
- [Bug] The long text in the new UI has been collapsed.
- Static analysis for the gradle package management.
- Support for python language.
- Supports the generation of Software Bills of Materials (SBOMs) in SPDX format.
- [Feature request] Proxy settings support SOCKS5 and authentication
- Custom warehouse pull detection
- Improve Python parsing ability
- 扫描Jar文件失败 HOT 1
- [Bug] java-Gradle 编译方式 springboot项目, 使用io.spring.dependency-management插件导入springboot依赖时 无法扫描出依赖以及漏洞 HOT 5
- 源代码 HOT 1
- release HOT 1
- 关于maven 依赖范围为 test、provided 能否在输出的json文件中加个标签 HOT 6
- 能否支持对项目中的开源组件进行开源协议扫描 HOT 2
- 什么时候能提供本地漏洞库呢 HOT 1
- OpenSca扫描文件数量超过1800个之后直接卡死 HOT 4
- Pom 文件包含 <repositories> <repository> 组件时,扫描卡死 HOT 3
- 可以检测不同语言的代码片段吗 HOT 3
- 【检出路径】存在问题 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from opensca-cli.