You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ORT uses the same Identifier class for both projects and packages. Under certain conditions, the analyzer's logic might infer the same ID for project / packages, causing a clash which makes the AnalyzerResultBuilder class create an error.
There are different root causes for duplicate IDs, which each probably require a dedicated solution to avoid duplicates.
Possible causes for project vs package duplicates:
The same "thing" could be seen as both a dependency and a project in a (mono-)repo that has project A with dependency package B, but the source code of B is hosted in the same repo.
Possible causes for package vs package duplicates:
E.g. NPM and Yarn projects could depend on the same (?) package, but it gets pulled from different (private) registries.
Possible causes for project vs project duplicates:
A repository contains multiple template projects that use the same properties (e.g. here and here).
ORT's logic to come up with project names for projects without (enough) metadata (like Python's requirements.txt files) could create name / id clashes.
The text was updated successfully, but these errors were encountered:
ORT uses the same
Identifier
class for both projects and packages. Under certain conditions, the analyzer's logic might infer the same ID for project / packages, causing a clash which makes theAnalyzerResultBuilder
class create an error.There are different root causes for duplicate IDs, which each probably require a dedicated solution to avoid duplicates.
Possible causes for project vs package duplicates:
Possible causes for package vs package duplicates:
Possible causes for project vs project duplicates:
requirements.txt
files) could create name / id clashes.The text was updated successfully, but these errors were encountered: