Hi Shawn, Thanks for sharing the finding. I can see the dependency from OpenSumi to Fury as in [1] now.
[1] https://github.com/search?q=repo:opensumi/core%20fury&type=code After we make the first formal release, we can cooperate with OpenSumi to upgrade to an incubating release and thus update the mention in their docs to Apache Fury also, like [2][3]. [2] https://github.com/GreptimeTeam/greptimedb/pull/2653 [3] https://github.com/GreptimeTeam/greptimedb/pull/3168 Best, tison. Shawn Yang <shawn.ck.y...@gmail.com> 于2024年4月25日周四 17:04写道: > Hi Justin, > > Thanks for sharing this tool. I checked the code in Fury with this tool. > > Here is the result: > 1) [5][6] are osscan results. > 2) Those files has duplication with package/lib/worker-host.js in > opensumi[7] > > Opensumi relies on furyjs, so it packaged the code in apache fury into its > release bundle. > As you can see from the opensumi code repository[8]. There is no such > worker-host.js file, > It's a file generated at opensum build process, which packaged apache > furyjs code into their bundle. > > So I think this is not an issue in fury. > > Do you have further issues? If not, I'll close this vote and start a new > release candidate later. > > 1. /javascript/packages/fury/lib/gen/datetime.ts > 2. /javascript/packages/fury/lib/gen/index.ts > 3. /javascript/packages/fury/lib/fury.ts > 4. /javascript/packages/fury/lib/classResolver.ts > 5 > > https://github.com/apache/incubator-fury/assets/12445254/cfa0fb06-bf23-468d-bf76-f9b106467611 > 6. > > https://github.com/apache/incubator-fury/assets/12445254/7698a87d-ffd9-4400-9a79-a2f27f191c1d > 7. https://www.npmjs.com/package/%40opensumi/ide-extension > 8. https://github.com/opensumi/core/ > > ---------- > Best regards, > Chaokun Yang > > On Thu, Apr 25, 2024 at 1:52 PM tison <wander4...@gmail.com> wrote: > > > Hi Justin, > > > > Thank you, and that's not in a hurry. I'd just like to make the status > > clear and ensure we can make progress instead of subjective arguing. > > > > Now I know you use ScanOSS and I'd suggest other members in Fury try to > > check the project with this tool. I'll try it out if I find some time, > and > > I'd appreciate it if you could share how you use this tool to do > compliance > > checks, it would help all the people in the Incubator :D > > > > ::OT:: IIRC ScanOSS CEO or CTO gave a talk at the Dev.Together Conf weeks > > before, now I found a real use case XD. > > > > Best, > > tison. > > > > > > Justin Mclean <jus...@classsoftware.com> 于2024年4月25日周四 13:40写道: > > > > > HI, > > > > > > I’m happy to share it, but as I said, I'm travelling right now and > don't > > > have access. I used ScanOSS workbench, but there are other checkers out > > > there. And yes, tools like this can sometimes give false positives, and > > it > > > can sometimes be unclear where things were originally copied or, in > fact, > > > may have been copied themselves. > > > > > > Kind Regards, > > > Justin > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > > > For additional commands, e-mail: general-h...@incubator.apache.org > > > > > > > > >
