Disclosure files: Difference between revisions

From OSSelot
Jump to navigation Jump to search
mNo edit summary
mNo edit summary
Line 37: Line 37:
Material from multiple packages can each be given a title line and then concatenated.
Material from multiple packages can each be given a title line and then concatenated.


A similar interface is provided that instead of a entire disclosure documents the [[Licenses|licenses]] that a particular software package uses are listed.
==Interface to obtain a list of licenses==
A [[Licenses|similar interface]] is provided that instead of entire disclosure documents the [[Licenses|licenses]] that a particular software package uses are listed.

Revision as of 23:29, 14 July 2023

Obtain disclosure files

Use a shell script to encapsulate the search Web script in a shell script

To download the disclosure file that relates to a given package name and version from the O Github repository the following shell script can be used:

#!/bin/bash

if test -z "$1" -o -z "$2"
then
  echo "Usage: $0 <package> <version>"
  exit 1
fi
package="$1"
version="$2"
if test `wget -qO - https://www.osselot.org/curated.php?$package | grep version-$version`
then
  wget -qO - https://raw.githubusercontent.com/Open-Source-Compliance/package-analysis/main/analysed-packages/$package/version-$version/$package-$version-OSS-disclosure.txt
fi

The output of this script can then be adapted to the actual file set of the binary software distribution and given to the recipient of the software upon delivery as an important step toward compliance with the license terms. Possible further steps to license compliance are the adaptation of other legal materials such as terms and conditions and, if the license imposes this obligation, the immediate provision or an appropriate written offer to deliver the source code.

If the script is called "getdisclosure" and invoked for the example that was used on the search page as

getdisclosure angular 15.2.2

a text is returned that is ready to be used:

Web interface to immediately search for a given package and provide links to the disclosure documents of found package repositories

Look for other software packages that may have already been curated at O and provide links to the related disclosure documents



Material from multiple packages can each be given a title line and then concatenated.

Interface to obtain a list of licenses

A similar interface is provided that instead of entire disclosure documents the licenses that a particular software package uses are listed.