scanner: Add Nomos plugin#10631
scanner: Add Nomos plugin#10631Prakash-Mishra-9ghz wants to merge 1 commit intooss-review-toolkit:mainfrom
Conversation
| Commit message title: According to conventional commits, the title should start with |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
detekt found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@ ## main #10631 +/- ## ========================================= Coverage 57.41% 57.41% - Complexity 1705 1707 +2 ========================================= Files 346 346 Lines 12875 12875 Branches 1228 1228 ========================================= Hits 7392 7392 Misses 5005 5005 Partials 478 478
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
@Prakash-Mishra-9ghz, please have a look at these issues and make all automated checks pass before we start with the actual code review. |
Prakash-Mishra-9ghz force-pushed the nomos branch from 2a75433 to ba0ea5a Compare 
Resolved all Detekt issues |
Prakash-Mishra-9ghz force-pushed the nomos branch from ba0ea5a to 6af59a7 Compare | @Prakash-Mishra-9ghz we have a policy to fix any issues identified during review / by automated checks in the actual commit that introduces the issue as long as the PR is still under review. As your PR originally only had a single commit, this means to just amend that original commit with any updates. So please squash the two commits that you have now into just one again. |
| @sschuberth I added the following copyright header: Copyright (C) 2025 Prakash Mishra. The CI failed due to this not being in the NOTICE file. Should I add myself there, or just remove the header? |
You should add yourself to the NOTICE file (grouped by year, then sorted alphabetically) and keep the generic Copyright header in the source file. |
| hi @sschuberth could you help me to figure out the funtest-docker, test(unbuntu and windows) fail. |
Those are temporary failures due to foojayio/discoapi#124, which had been fixed, but now is back again... we simply need to wait for that external service to recover. Just rebase your PR onto latest |
Will you do that rebase, @Prakash-Mishra-9ghz? |
Prakash-Mishra-9ghz force-pushed the nomos branch from 6af59a7 to 0bb3460 Compare | @sschuberth Currently working on the Docker implementation for the plugin. |
Prakash-Mishra-9ghz force-pushed the nomos branch 3 times, most recently from 41e4847 to 2a793fa Compare | @sschuberth CI is failing due to an sbt-assembly version mismatch—could you confirm if it is related to PR? |
No, it should not be related, I've retriggered the test. |
plugins/scanners/fossologynomossa/src/main/kotlin/NomossaResultExtensions.kt Show resolved Hide resolved
plugins/scanners/fossologynomossa/src/main/kotlin/NomossaResultExtensions.kt Outdated Show resolved Hide resolved
plugins/scanners/fossologynomossa/src/main/kotlin/NomossaResultExtensions.kt Outdated Show resolved Hide resolved
plugins/scanners/fossologynomossa/src/main/kotlin/NomossaResultExtensions.kt Outdated Show resolved Hide resolved
plugins/scanners/fossologynomossa/src/main/kotlin/NomossaResultExtensions.kt Outdated Show resolved Hide resolved
Prakash-Mishra-9ghz force-pushed the nomos branch from 2a793fa to e5fb51c Compare Prakash-Mishra-9ghz force-pushed the nomos branch from e5fb51c to a8ccf27 Compare | Please see my comment over here: This implementation lacks functional tests that make use of the scanner to prove that the implementation is working. |
Prakash-Mishra-9ghz force-pushed the nomos branch 2 times, most recently from 2268b05 to 9dbf5d9 Compare | I see that https://github.com/fossology/fossology/releases/tag/4.6.0-rc1 by now includes the @Prakash-Mishra-9ghz, are you planning to continue working on this, or should we take over your work? |
| @sschuberth I was also waiting for the release, so i will be continuing my work. |
Prakash-Mishra-9ghz force-pushed the nomos branch 2 times, most recently from 867b88f to 7a0df8a Compare Prakash-Mishra-9ghz force-pushed the nomos branch from 7a0df8a to 363d990 Compare | Hi @sschuberth, I saw the funTest-external-tools failure but can’t tell which part is caused by my changes. Could you guide me? |
The failure(s) is / are unrelated to your changes. Please rebase onto latest |
Prakash-Mishra-9ghz force-pushed the nomos branch from 363d990 to 1d6587d Compare 
- Implement Nomos as an ExternalScanner in ort - add FOSSology Nomos binary to the docker image - add funtest for FOSSology Nomos Signed-off-by: Prakash Mishra <prakashmishra9921@gmail.com>
Prakash-Mishra-9ghz force-pushed the nomos branch from 1d6587d to 25b9df9 Compare | @Prakash-Mishra-9ghz, can you update me on the status of detecting copyright statements via Nomos? Is the CLI even capable of detecting copyright statements, or can it only detect license headers? |
Hi @sschuberth , apologies for the delayed update, the Nomos CLI is primarily designed to detect license texts rather than standalone copyright statements. |
4 participants
This pull request introduces a new external scanner plugin for integrating FOSSology's Nomos license scanner into the OSS Review Toolkit (ORT).
🔹 What's implemented
ExternalScanner.ScanResultmodel.🔹 File breakdown
Nomossa.kt: Main scanner class implementing theScannerinterface.NomossaConfig.kt: Loads configuration for invoking Nomos CLI.NomossaResultParser.kt: Parses Nomos output to extract license info.NomossaResultExtension.kt: Converts parsed data intoScanResult.build.gradle.kts: Sets up plugin dependencies and build configuration.This plugin allows users to plug FOSSology’s Nomos agent into ORT workflows to enhance license detection coverage and flexibility.