Difference between revisions of "ClearlyDefinedObject"
Line 210: | Line 210: | ||
=== Harvest Tools === | === Harvest Tools === | ||
− | + | *Clearlydefined - https://pastebin.com/NwK2RZ5h | |
− | + | Contains hashes of files(sha1 and sha256), registryData, Source Info (if source is provided) | |
− | + | ||
+ | *Licensee - https://pastebin.com/s96eZawC | ||
+ | Contains licenses, matched files (content and filename) | ||
+ | |||
+ | *Scancode - https://pastebin.com/F1Ys7Y1V | ||
+ | Contains Summary (license_expressions, copyrights, holders, authors, programming Language), license clarity score, summary of key files and a separate analysis of every file. |
Revision as of 09:55, 2 January 2021
Examples of Definitions
1.
{ "described": { "releaseDate": "2020-12-30", "urls": { "registry": "https://npmjs.com/package/typescript", "version": "https://npmjs.com/package/typescript/v/4.2.0-dev.20201230", "download": "https://registry.npmjs.com/typescript/-/typescript-4.2.0-dev.20201230.tgz" }, "projectWebsite": "https://www.typescriptlang.org/", "issueTracker": "https://github.com/Microsoft/TypeScript/issues", "hashes": { "sha1": "a8dfe3af168ac0fc9e0a2fdc1cb369ee80d63442", "sha256": "827949c42fa25bc51e843eb4a0aa16251f0c757cf48a6f622f593e9562192a8c" }, "files": 170, "tools": [ "clearlydefined/1.3.4", "licensee/9.13.0", "scancode/3.2.2" ], "toolScore": { "total": 30, "date": 30, "source": 0 }, "score": { "total": 30, "date": 30, "source": 0 } }, "licensed": { "declared": "Apache-2.0", "toolScore": { "total": 55, "declared": 30, "discovered": 10, "consistency": 0, "spdx": 15, "texts": 0 }, "facets": { "core": { "attribution": { "unknown": 62, "parties": [ "(c) by W3C", "Copyright Grant. I", "Copyright (c) 2018 WHATWG", "(c) Microsoft Corporation.", "(c) Korporatsiia Maikrosoft", "Copyright (c) Microsoft Corporation.", "Copyright (c) 1991-2017 Unicode, Inc.", "(c) Microsoft Corporation. Alle Rechte", "(c) Microsoft Corporation. Bao Liu Suo", "Copyright (c) 2018 The Khronos Group Inc.", "(c) Microsoft Corporation. Zhu Zuo Quan Suo", "Copyright (c) YEAR W3C(r) (MIT, ERCIM, Keio, Beihang). Disclaimers THIS WORK IS PROVIDED AS" ] }, "discovered": { "unknown": 99, "expressions": [ "Apache-2.0", "CC-BY-4.0 AND MIT AND NOASSERTION" ] }, "files": 170 } }, "score": { "total": 55, "declared": 30, "discovered": 10, "consistency": 0, "spdx": 15, "texts": 0 } }, "coordinates": { "type": "npm", "provider": "npmjs", "name": "typescript", "revision": "4.2.0-dev.20201230" }, "_meta": { "schemaVersion": "1.6.1", "updated": "2020-12-30T08:45:26.008Z" }, "scores": { "effective": 42, "tool": 42 } }
2.
{ "described": { "releaseDate": "2020-12-21", "sourceLocation": { "type": "git", "provider": "github", "namespace": "umijs", "name": "umi", "revision": "a31448a9f65127d1eefdda12feb41e88d0991228", "url": "https://github.com/umijs/umi/tree/a31448a9f65127d1eefdda12feb41e88d0991228" }, "urls": { "registry": "https://npmjs.com/package/@umijs/utils", "version": "https://npmjs.com/package/@umijs/utils/v/3.3.3", "download": "https://registry.npmjs.com/@umijs/utils/-/utils-3.3.3.tgz" }, "projectWebsite": "https://github.com/umijs/umi/tree/master/packages/utils#readme", "issueTracker": "http://github.com/umijs/umi/issues", "hashes": { "sha1": "4bc2c539e29e4e34d866b7380b7b1870211b8230", "sha256": "e0c41645f9d7c2acb9f9862accaf880cbee7b3f698447069dcb924a889be71ef" }, "files": 36, "tools": [ "clearlydefined/1.3.4", "licensee/9.13.0", "scancode/3.2.2" ], "toolScore": { "total": 100, "date": 30, "source": 70 }, "score": { "total": 100, "date": 30, "source": 70 } }, "licensed": { "declared": "MIT", "toolScore": { "total": 60, "declared": 30, "discovered": 0, "consistency": 15, "spdx": 15, "texts": 0 }, "facets": { "core": { "attribution": { "unknown": 36 }, "discovered": { "unknown": 35, "expressions": [ "MIT" ] }, "files": 36 } }, "score": { "total": 60, "declared": 30, "discovered": 0, "consistency": 15, "spdx": 15, "texts": 0 } }, "coordinates": { "type": "npm", "provider": "npmjs", "namespace": "@umijs", "name": "utils", "revision": "3.3.3" }, "_meta": { "schemaVersion": "1.6.1", "updated": "2020-12-25T02:25:35.228Z" }, "scores": { "effective": 80, "tool": 80 } }
described
Contains releaseDate, urls, hashes, files, tools, toolscore :- (date and source) , sourceLocation (only those who have a source), score :- (date and source)
licensed
Declared license, tool score (spdx, consistency, texts, declared) binary and (discovered) computed. (https://github.com/clearlydefined/license-score/blob/master/ClearlyLicensedMetrics.md)
coordinates
Coordinates are used to identify various elements in ClearlyDefined. For example, components to harvest, tool outputs, source locations. The coordinates for an entity has at least five parts: type, provider, namespace, name and revision.
- type – the form of the entity being identified. For example, git, npm, sourceArchive. This is logically, though not actually, equivalent to a mime type.
- provider – where entity can be found. Examples include github, npmjs, mavenCentral. The system supports a finite set of providers at any given time.
- namespace – a qualifier that helps scope the name of the entity being identified. This typically comes from the context of the type. For example, for NPM packages, it is the scope, for Maven project it would be the groupid, and for GitHub, the login (often org) is used. If an entity does not have a reasonable namespace, a - (hyphen) must be used. That is, the namespace is logically optional but the property must be set.
- name – the name of the entity. As with namespace, the name typically comes from the context of the type. So artifactid for Maven, repo name for GitHub, etc.
- revision – the instance of the entity being identified. The exact form of the revision depends on the type and provider. In Git, a commit hash is used. In package managers, the typical package version is used. This value is largely uninterpreted by ClearlyDefined and simply either passed to the provider as needed or used as an opaque string in internal keys.
meta
Contains Schema Version and the timestamp of last updation
scores
Contains effective and tool score
Harvest Tools
- Clearlydefined - https://pastebin.com/NwK2RZ5h
Contains hashes of files(sha1 and sha256), registryData, Source Info (if source is provided)
- Licensee - https://pastebin.com/s96eZawC
Contains licenses, matched files (content and filename)
- Scancode - https://pastebin.com/F1Ys7Y1V
Contains Summary (license_expressions, copyrights, holders, authors, programming Language), license clarity score, summary of key files and a separate analysis of every file.