FOSSology Project Logo FOSSology
Advancing open source analysis and development
 
Table of Contents

Distro reports

Note that this is called “distro reports” but not all need to be restricted to distros.

Report Types

  • Report binary packages with missing source packages.
  • Single reports (or browser) for all the files in a folder (as opposed to limiting the browse per upload). This is because some distros come in as multiple files (isos, packages, …) but the report should be over them all.
  • Difference browser

Difference browser

The distro diffs in the package database is rather limited: http://fossology.org/task:integrate_distrodb_distro_package_reports) So here is an idea just to kick things off. Please feel free to propose something different or refine this.

We could have the nomos license browser work exactly like it does now, with the exception that it will EXCLUDE files matching CRITERIA. Where the exclusion CRITERIA could be something like:

  1. File is identical to previous version
  2. File has same licenses as previous version (I'm suggesting that this is done at the file level so that all license changes are picked up. For example, if file A was under gplv3 and file B was bsd in the old version, and file A is bsd and file B is gplv3 in the new version, then this would be shown as a difference.
  3. Same as 2. but also exclude files with tag “reviewed”. This way when you tag a file, directory, package as “reviewed”, then that file,directory,package will also be excluded from the browser. As you tag “reviewed” the report will get progressively smaller.
  4. Same as 3, with a slight modification. Start with tools that will tag groups of files. For example,
    • tag all files that are unchanged as “unchanged”
    • tag all files that have unchanged licenses and were previously tagged as “reviewed”, as “reviewed”

Then report only files/packages/etc that are not tagged as “unchanged” or “reviewed”. This makes it easy for the user to modify the criteria at run time, “show me only not reviewed”, “show me only reviewed”, “show me only “show me only not reviewed and …”

You can see that with tags, multiple people working on a review always has access to real time status of the review. One only has to tag a file “I'm working on this” to provide a locking mechanism so that two people don't concurrently work on the same package.

One other thing, this isn't necessarily limited to distros. One could use the same mechanism on tar's, single packages, …

Permissions

This probably needs a group permission scheme so that a group has write access to tags they create. Permissions could be like unix permissions Owner, Group, Public, with read/write permissions. As an aside, permissions also should be applied to uploads. This has been requested by different users and would make running our demo repository much simpler.

Ideas, thoughts, etc?

bobg@fossology.org

 
distro_reports.txt · Last modified: 2010/06/29 08:24 by bobg
Copyright (C) 2007-2009 Hewlett-Packard Development Company, L.P.
FOSSology Project documentation is licensed under the GNU Free Documentation License Version 1.2
Recent changes RSS feed Valid XHTML 1.0 Valid CSS3 Driven by DokuWiki