"Component hash" in SPDX #7064
-
|
Hi, how can we enable the "component hash" in the SPDX report? I can't find it in the documentation. |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 5 replies
-
|
The NTIA "Component Hash" maps to the SPDX "Package Checksum" which we're not writing out yet (we're only writing out the SPDX "Package Verification Code", but that's a different thing). I'll prepare a PR. |
Beta Was this translation helpful? Give feedback.
-
|
See #7066. |
Beta Was this translation helpful? Give feedback.
-
|
you rock |
Beta Was this translation helpful? Give feedback.
-
|
@sschuberth because of #7066 is this enabled now? Should I just update ORT and checksums will start to show up? |
Beta Was this translation helpful? Give feedback.
-
|
Yes. |
Beta Was this translation helpful? Give feedback.
-
|
@sschuberth any chance this could be also added to the HTML web page too? |
Beta Was this translation helpful? Give feedback.
-
|
You mean the web-app report? I'm not a JavaScript guy, so someone else would have to do that. PRs welcome. |
Beta Was this translation helpful? Give feedback.
-
|
OK, I'll have interns hopefully starting in a few weeks. |
Beta Was this translation helpful? Give feedback.
The NTIA "Component Hash" maps to the SPDX "Package Checksum" which we're not writing out yet (we're only writing out the SPDX "Package Verification Code", but that's a different thing). I'll prepare a PR.