Skip to content

Add license to image and gemspec#4317

Merged
Nishnha merged 4 commits intomainfrom
nishnha/add-license
Oct 18, 2021
Merged

Add license to image and gemspec#4317
Nishnha merged 4 commits intomainfrom
nishnha/add-license

Conversation

@Nishnha
Copy link
Copy Markdown
Member

@Nishnha Nishnha commented Oct 14, 2021
edited
Loading

This adds the LICENSE to the home directory of the Docker image.

Screen Shot 2021-10-14 at 11 30 09 AM

The dependabot-* gems on rubygems currently have the license set as 'nonstandard' and do not include a license file.
TBD: rake gems:release will not include the LICENSE in the dependabot-* gems in this PR.

@Nishnha Nishnha requested a review from a team as a code owner October 14, 2021 15:34
@Nishnha
Add license to image and gemspec
9627f2b 
The dependabot-* gems on rubygems currently have the license set as 'nonstandard' and do not include a license file.
@Nishnha Nishnha force-pushed the nishnha/add-license branch from 720c857 to 9627f2b Compare October 14, 2021 15:55
@Nishnha
Copy link
Copy Markdown
Member Author

Nishnha commented Oct 14, 2021

So the license we use is actually not on the list of common open-source licenses that rubygems recognizes. There is a PR to add v3 but it has not been merged: spdx/license-list-XML#960

Screen Shot 2021-10-14 at 2 09 27 PM

We'll have to list the license as "Nonstandard" like it was before and include the LICENSE file in the top-level directory of the gem so that it can get picked up by licensed

@Nishnha
Set license back to Nonstandard
c17b9dd 
Rubygems only recognizes licenses on the spdx license list, and the Prosperity Public License 2.0.0 is not one of them.
@Nishnha
Revert "Add license to gem build directory"
6c703d0 
This reverts commit 05aa6ee.
@Nishnha
Copy link
Copy Markdown
Member Author

Nishnha commented Oct 15, 2021

The scope of this PR has been reduced to only including the LICENSE file in the Dependabot-Core Docker image. We will punt on adding the LICENSE to the dependabot-* Gems themselves since it's non-trivial with this Nonstandard license.

Since the LICENSE will not be included in the Gems, we will also have to omit the dependabot-* Gems from being vendored with licensed, but that isn't that big of an issue since Core is owned by us and anyone can look at our required Gems for licensing info.

@Nishnha Nishnha merged commit 35032ea into main Oct 18, 2021
@Nishnha Nishnha deleted the nishnha/add-license branch October 18, 2021 16:35
@brrygrdn brrygrdn mentioned this pull request Oct 27, 2021
Merged
@jeffwidman jeffwidman mentioned this pull request Sep 14, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jurre jurre jurre approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Nishnha @jurre