From a0904066865c9792033d6c87c270966113b6ae66 Mon Sep 17 00:00:00 2001 From: liangcao Date: Fri, 23 Aug 2013 14:40:35 -0700 Subject: SPDX:real-time license scanning and SPDX output. SPDX integrates real-time license scanning, generates SPDX standard output and license verification information during the OE-Core build process. The existing module includes scanning patched packages and creating package and file level SPDX documents. (From OE-Core rev: 7a37cc81fb95d56b5ac5e5ca22a1900e45717911) Signed-off-by: liangcao Signed-off-by: Elizabeth Flanagan Signed-off-by: Saul Wold Signed-off-by: Richard Purdie --- meta/conf/licenses.conf | 51 ++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-) (limited to 'meta/conf') diff --git a/meta/conf/licenses.conf b/meta/conf/licenses.conf index 922b84c924..b41d0a89a9 100644 --- a/meta/conf/licenses.conf +++ b/meta/conf/licenses.conf @@ -113,6 +113,55 @@ SPDXLICENSEMAP[SGIv1] = "SGI-1" # Set if you want the license.manifest copied to the image #COPY_LIC_MANIFEST = "1" -# If you want the pkg licenses copied over as well you must set +# If you want the pkg licenses copied over as well you must set # both COPY_LIC_MANIFEST and COPY_LIC_DIRS #COPY_LIC_DIRS = "1" + +## SPDX temporary directory +SPDX_TEMP_DIR = "${WORKDIR}/spdx_temp" +SPDX_MANIFEST_DIR = "/home/yocto/fossology_scans" + +## SPDX Format info +SPDX_VERSION = "SPDX-1.1" +DATA_LICENSE = "CC0-1.0" + +## Fossology scan information +# You can set option to control if the copyright information will be skipped +# during the identification process. +# +# It is defined as [FOSS_COPYRIGHT] in ./meta/conf/licenses.conf. +# FOSS_COPYRIGHT = "true" +# NO copyright will be processed. That means only license information will be +# identified and output to SPDX file +# FOSS_COPYRIGHT = "false" +# Copyright will be identified and output to SPDX file along with license +# information. The process will take more time than not processing copyright +# information. +# + +FOSS_COPYRIGHT = "true" + +# A option defined as[FOSS_RECURSIVE_UNPACK] in ./meta/conf/licenses.conf. is +# used to control if FOSSology server need recursively unpack tar.gz file which +# is sent from do_spdx task. +# +# FOSS_RECURSIVE_UNPACK = "false": +# FOSSology server does NOT recursively unpack. In the current release, this +# is the default choice because recursively unpack will not necessarily break +# down original compressed files. +# FOSS_RECURSIVE_UNPACK = "true": +# FOSSology server recursively unpack components. +# + +FOSS_RECURSIVE_UNPACK = "false" + +# FOSSologySPDX instance server. +# For more information on FOSSologySPDX commandline: +# https://github.com/spdx-tools/fossology-spdx/wiki/Fossology-SPDX-Web-API +# + +FOSS_SERVER = "http://localhost//?mod=spdx_license_once&noCopyright=${FOSS_COPYRIGHT}&recursiveUnpack=${FOSS_RECURSIVE_UNPACK}" + +FOSS_WGET_FLAGS = "-qO - --no-check-certificate --timeout=0" + + -- cgit v1.2.3-54-g00ecf