[RTEMS Project] #4624: Integrate Software License Bill of Materials (BOM) using SPDX Tooling

RTEMS trac trac at rtems.org
Mon Feb 28 20:34:52 UTC 2022 

#4624: Integrate Software License Bill of Materials (BOM) using SPDX Tooling
------------------------------------------+-------------------------
 Reporter:  Joel Sherrill                 |       Owner:  (none)
     Type:  enhancement                   |      Status:  new
 Priority:  normal                        |   Milestone:  Indefinite
Component:  tool                          |     Version:
 Severity:  normal                        |  Resolution:
 Keywords:  SoC, ecosystem, small, large  |  Blocked By:
 Blocking:                                |
------------------------------------------+-------------------------
Description changed by Gedare Bloom:

Old description:

> The purpose of this project is to identify and integrate tooling that
> supports SPDX license annotation (see https://spdx.org). Understanding
> the purpose of SPDX and why its tooling is used is important background
> for this project. This project will:
>
> * Identify SPDX tooling and ideas that the RTEMS Project could benefit
> from
> * Evaluate use of that tooling
>   - What types of reports? Consistency checks?
> * Evaluate if there are checks for git pre-commit.
> * Perhaps evaluate tooling to identify files without SPDX annotation and
> the licenses used. This will help us run down the remaining files without
> annotation.
>
> All tooling should be open source.
>
> Possible mentors: Joel Sherrill, Gedare Bloom, Sebastian Huber, Chris
> Johns
>
> Languages: Likely Python or Java for any third party tools. Python for
> RTEMS specific integration
>
> Difficulty: Medium

New description:

 The purpose of this project is to identify and integrate tooling that
 supports SPDX license annotation (see https://spdx.org). Understanding the
 purpose of SPDX and why its tooling is used is important background for
 this project. This project will:

 * Identify SPDX tooling and ideas that the RTEMS Project could benefit
 from
 * Evaluate use of that tooling
   - What types of reports? Consistency checks?
 * Evaluate if there are checks for git pre-commit.
 * Perhaps evaluate tooling to identify files without SPDX annotation and
 the licenses used. This will help us run down the remaining files without
 annotation.

 All tooling should be open source.

 Possible mentors: Joel Sherrill, Gedare Bloom, Sebastian Huber, Chris
 Johns

 Languages: Preferably Python for any third party tools from SPDX. Python
 for RTEMS specific integration.

 Difficulty: Medium

--

--
Ticket URL: <http://devel.rtems.org/ticket/4624#comment:1>
RTEMS Project <http://www.rtems.org/>
RTEMS Project

More information about the bugs mailing list