-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check for non-permissive licenses in CI #80
Labels
Comments
Note that some packages may come with multiple licenses, e.g. In those cases so long as an appropriately permissive license is available, the CI job should not fail. |
Can we please not drag things out of refinement that haven't been refined? |
My bad, sorry |
This was referenced Dec 18, 2024
Merged
emteknetnz
changed the title
Check for non-permissive licences in CI
Check for non-permissive licenses in CI
Dec 19, 2024
PRs merged |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Non-permissive open source licenses such a GPLv2 in dependencies cause a level of confusion as to whether they require websites to make their source code available. Because of the grey-area, we should ensure there are no non-permissive licences in any of our dependencies.
TinyMCE 7 switched from an MIT license to a GPLv2 license. While it would be unexpected for a dependency to chance its licence in a minor release, and we do use
^
carets for our dependencies, we have less visibility over dependencies of dependencies which could more easily go up majors with no input from our side.Because of this we should add a CI logic in sink that validates there are no non-permissive (i.e copyleft) opensource licences in the installed dependencies
After merging create a new 1.3 branch and manually release 1.3.0
Notes
Acceptance criteria
non-permissiveallowed licenses is createdCIworkflow logic runs looking for non-permissive licensesThe entire build will fail if this logic fails so that we have visibility of it in rhinoPRs
The text was updated successfully, but these errors were encountered: