Write out checksums for SPDX binary / source packages #7066
Conversation
sschuberth
force-pushed
the
spdx-package-checksum
branch
from
a621fa5
to
f96d1f1
Compare
Codecov ReportPatch coverage has no change and project coverage change:
Additional details and impacted files@@ Coverage Diff @@
## main #7066 +/- ##
============================================
- Coverage 64.56% 64.55% -0.01%
Complexity 1969 1969
============================================
Files 331 331
Lines 16617 16619 +2
Branches 2373 2374 +1
============================================
Hits 10729 10729
- Misses 4844 4845 +1
- Partials 1044 1045 +1
Flags with carried forward coverage won't be shown. Click here to find out more.
☔ View full report in Codecov by Sentry. |
sschuberth
force-pushed
the
spdx-package-checksum
branch
2 times, most recently
from
0e5fb20
to
41b8174
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
sschuberth
force-pushed
the
spdx-package-checksum
branch
3 times, most recently
from
b9fa63c
to
a8f3bf1
Compare
sschuberth
changed the title
…ction This fits better with the other functions in this file. Signed-off-by: Sebastian Schuberth <[email protected]>
Signed-off-by: Sebastian Schuberth <[email protected]>
Signed-off-by: Sebastian Schuberth <[email protected]>
Signed-off-by: Sebastian Schuberth <[email protected]>
Signed-off-by: Sebastian Schuberth <[email protected]>
Signed-off-by: Sebastian Schuberth <[email protected]>
The suffix will be used in an upcoming change. While at it, also default the infix to "Package". Signed-off-by: Sebastian Schuberth <[email protected]>
Signed-off-by: Sebastian Schuberth <[email protected]>
sschuberth
force-pushed
the
spdx-package-checksum
branch
from
a8f3bf1
to
0a061a2
Compare
…ypes Signed-off-by: Sebastian Schuberth <[email protected]>
See [1] for the background discussion. [1]: #7064 Signed-off-by: Sebastian Schuberth <[email protected]>
Align with the remaining functions in this file an specifiy the return type explicitly. Signed-off-by: Sebastian Schuberth <[email protected]>
sschuberth
force-pushed
the
spdx-package-checksum
branch
from
0a061a2
to
a59503d
Compare
| @@ -0,0 +1,171 @@ | |||
| /* | |||
There was a problem hiding this comment.
Now, as we have move to such a fine grained module structure - to me it makes even less sense to determine a location for a function based on whether it's an extension function or not and then as second priority the alphabetical order.
IMO cohesion is more important: e.g. if a non-extension utility function is closely related to an extension function, then IMO it should be located nearby.
What do you think? In particular about the alternatives to
- Keep the functions where they currently are
- Have a utils class where when can also put non-extension functions.
There was a problem hiding this comment.
to me it makes even less sense to determine a location for a function based on whether it's an extension function or not [...] if a non-extension utility function is closely related to an extension function, then IMO it should be located nearby
I'm open to the idea to group functions, extensions or not, by purpose instead of syntax, although having an Extensions.kt seems to be pretty common in Kotlin projects. Anyway, I guess we should do this consistently throughout the code base in a separate PR then.
| * Convert an ORT [Hash] to an [SpdxChecksum], or return null if a conversion is not possible. | ||
| */ | ||
| private fun Hash.toSpdxChecksum(): SpdxChecksum? = | ||
| SpdxChecksum.Algorithm.values().find { it.name in algorithm.aliases }?.let { |
There was a problem hiding this comment.
Would it make sense to add a code comment like: // Assume that algorithm aliases in ORT and SPDX match.?
There was a problem hiding this comment.
I'll do it in a follow-up PR.
|
Merging despite the unrelated |
sschuberth
added
the
release notes
See 1 for the background discussion.