Repos being scanned by SCANOSS

[VegaDeftwing]

Hello, I saw on https://www.softwaretransparency.org/osskb that they're scanning slf4j.org

I was curious if they'd requested prior permission to do this?

[ceki]

@VegaDeftwing What type of information are they extracting?

[VegaDeftwing]

I don't know. I think they're fingerprinting the code somehow, to sell to their customers the ability to check their code for if they're following all their licensees correctly. There's also something blockchain involved?

I wouldn't even know they exist either, except I'm currently dealing with them being rather rude to the FOSS community: scanoss/purl2cpe#24