Merge pull request #266 from rajuljha/chore/report/week8

GMishx · web-flow · commit 78bfb22bed76 · 2024-08-01T18:54:57.000+05:30
chore(report): Add week 8 CI Scanner Project Report
diff --git a/docs/2024/ci-scanner/updates/2024-07-25.md b/docs/2024/ci-scanner/updates/2024-07-25.md
@@ -0,0 +1,54 @@
+---
+title: Week 8
+author: Rajul Jha
+tags: [gsoc24, CI]
+---
+<!--
+SPDX-License-Identifier: CC-BY-SA-4.0
+
+SPDX-FileCopyrightText: 2024 Rajul Jha <rajuljha49gmail.com>
+-->
+
+# Week 8
+*(July, 19 2024 - July 25, 2024)*
+
+## Meeting 1
+*(July 24, 2024)*
+
+## Attendees
+
+* [Rajul Jha](https://github.com/rajuljha)
+* [Gaurav](https://github.com/GMishx)
+* [Avinal Kumar](https://github.com/avinal)
+* Katharina
+
+
+## Discussions
+* Discussed potential improvements in the [#PR1](https://github.com/fossology/fossology-action/pull/1)
+  with [Avinal](https://github.com/avinal)
+
+* [Gaurav](https://github.com/GMishx) discussed in detail what we need to achieve with the download dependencies task.
+  * The user should have ability to download dependencies for scan.
+  * Then they can run fossology scanners on them in CI pipeline before hand to identify potential licenses and resolve them before hand.
+  * We want to use the Cyclone DX toolkit for generating SBOMs of the repo.
+    * Then use our custom written downloader for downloading the packages from the SBOM.
+  * User needs to pass the language flag along with some `download-deps` flag or (something) since
+    we are using language dependant tools.
+
+
+## Work Done
+* Completed refactoring the previous [#PR2754](https://github.com/fossology/fossology/pull/2754):
+  * It follows the Don't repeat Yourself (DRY) principle.
+  * Add type annotations to all the functions.
+  * Add a new boolean flag `whole` that can be used to extract whole information from the scanners.
+
+* Completed the licenses line number display in the CI in the same [#PR2754](https://github.com/fossology/fossology/pull/2754).
+
+* Started working on documenting the new scanners features locally as discussed with [Shaheem](https://github.com/shaheemazmalmmd).
+
+* Explored the scan dependencies part for the scanners. Need more clarity as to what exactly we need to achieve here.
+
+## Planning for next week
+* Plan out the structure and research in depth about the download dependencies task part.
+* After structuring, need to plan out and flesh out the design details for the same.
+* Start working on this next major task :)
