Week 5

(June 28, 2024 - July 04, 2024)

Meeting 1

(July 03, 2024)

Attendees

• Rajul Jha
• Gaurav
• Kaushlendra
• Avinal Kumar
• Katharina

Discussions

• I showed my progress regarding differential scans and allowlist functionality.
• Discussed doubts regarding the nomos scanner -J flag. We'll tackle this later for now.
• Mentors mentioned that we should now work towards providing a fossology action which will provide smooth integration into Github Actions.
• Created a new repository in fossology, called fossology-action for now.

Work Done

• Researched and tested the relevant API endpoints from the Github and Gitab API's:
  • Github API: https://api.github.com/repos/:owner/:repo/compare/{:tag1}...{:tag2}
  • Gitlab API: https://gitlab.com/api/v4/projects/:projectid/repository/compare/?from={:tag1}&to={:tag2}
• Implement differential scans and tested on Github and Gitlab and sent out a PR(#2775) for the same.
• Solved some bugs found in the previous PR(#2574).
• Resolved and corrected some issues in PR(#2754) and PR(#2769) respectively.
• Started implementing the functionality that allows passing allowlist.conf file from a custom location by the user.

Planning for next week

• Complete the allowlist.conf part and send a PR for the same.
• Next, start researching and testing which type of Github Action we should create. Currently, there are three choices:
  • JavaScript Action
  • Docker Action
  • Composite Action
• Docker Action and Composite Action are most relevant to our use case. Need to test and find out which is a better fit for us.
• Start working on providing and then releasing the action to the marketplace.
• PS: Also need to think about a cool name for the action 😜