Uploaded image for project: 'GENIVI Baseline'
  1. GENIVI Baseline
  2. BASE-28 Exclude GPLv3 license in the baseline builds
  3. BASE-36

Investigate LRT source scan

    XMLWordPrintable

Details

    • Sub-task
    • Resolution: Unresolved
    • Medium
    • None
    • None
    • meta-ivi
    • None

    Description

      The LRT source scan identified 12 different source tar balls containing xGPL-3 source.

      The Yocto mechanism works at the package level, whilst the source scan has worked on source tar balls. We need to figure out where there is a mapping, cairo and libgcrypt are obvious examples, and where there is not.

      Where there is a mapping we should try to confirm that the source is in fact in the part of the package reported in the Yocto recipe.

      Where there is not a mapping we need to raise new sub-tasks for their investigation.

      Attachments

        Activity

          People

            Unassigned Unassigned
            stephen.lawrence Stephen Lawrence
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: