Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependencies License check #651

Open
diconico07 opened this issue Aug 22, 2023 · 5 comments
Open

Dependencies License check #651

diconico07 opened this issue Aug 22, 2023 · 5 comments

Comments

@diconico07
Copy link
Contributor

diconico07 commented Aug 22, 2023
edited
Loading

We are currently not checking our dependencies licenses, however per CNCF guidelines we should ask governing board for approval of dependencies not using allowed licenses.

I made a quick license audit of our dependencies and found two that should require approval from CNCF:

  • opcua crate is under MPL license
  • mock_instant crate is under 0BSD license

Tools like cargo-deny (used by kube-rs for example) exists to enforce this kind of requirements on dependencies.
@agracey
Copy link

agracey commented Aug 23, 2023

Since opcua and mock_interval are not used by the platform itself, this might be a good reason to move the discovery handlers into their own repos.

@diconico07
Copy link
Contributor Author

Okay, just edited the description, it's mock_instant not mock_interval 😇 , it's used in agent's test suite

@agracey
Copy link

agracey commented Aug 24, 2023

Ah, gotcha. In that case, arguing for an exception seems better unless there's a differently licensed mocking library that's worth the migration.

@kate-goldenring kate-goldenring moved this to Investigating in Akri Roadmap Oct 3, 2023
@github-actions GitHub Actions
Copy link
Contributor

Issue has been automatically marked as stale due to inactivity for 90 days. Update the issue to remove label, otherwise it will be automatically closed.

@github-actions github-actions bot added the stale label Nov 23, 2023
@diconico07 diconico07 removed the stale label Nov 27, 2023
@github-actions GitHub Actions
Copy link
Contributor

Issue has been automatically marked as stale due to inactivity for 90 days. Update the issue to remove label, otherwise it will be automatically closed.

@github-actions github-actions bot added the stale label Feb 26, 2024
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale May 26, 2024
@github-project-automation github-project-automation bot moved this from Investigating to Done in Akri Roadmap May 26, 2024
@diconico07 diconico07 reopened this May 27, 2024
@github-project-automation github-project-automation bot moved this from Done to Triage needed in Akri Roadmap May 27, 2024
@diconico07 diconico07 removed the stale label May 27, 2024
@yujinkim-msft yujinkim-msft moved this from Triage needed to Backlog in Akri Roadmap Jun 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Akri Roadmap
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
2 participants
@diconico07 @agracey