dependency review: add 0BSD and Apache-2.0 variants#305
Merged
Conversation
Checks started failing this evening with: The following dependencies have incompatible licenses: pnpm-lock.yaml » prettier@3.4.2 – License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND ISC AND MIT pnpm-lock.yaml » rollup@4.28.1 – License: 0BSD AND ISC AND MIT The `rollup` library is MIT but some of its dependencies are ISC and 0BSD [1] The `prettier` is released under MIT but some of its dependencies use other licenses [2]. [1] https://github.com/rollup/rollup/blob/master/LICENSE.md [2] https://github.com/prettier/prettier/blob/main/LICENSE Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
r0mant
approved these changes
Dec 20, 2024
avatus
added a commit
that referenced
this pull request
Jan 22, 2025
Similar to #305 this PR will add another variant/combo and various licenses. Idealy we could manage this in some sort of "check if each of these invidually" are included, but idk how the legallity of licenses work so Ill just follow prior work here related PR failure https://github.com/gravitational/teleport/actions/runs/12911052502/job/36002924223?pr=51356#step:3:19
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Checks began failing this evening with the following issue:
The dependencies listed below have incompatible licenses:
pnpm-lock.yaml » prettier@3.4.2– License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND ISC AND MITpnpm-lock.yaml » rollup@4.28.1– License: 0BSD AND ISC AND MITThe
rolluplibrary itself is licensed under MIT, but some of its dependencies are under ISC and 0BSD licenses [1].Similarly,
prettieris released under the MIT license, but several of its dependencies use other licenses [2].[1] https://github.com/rollup/rollup/blob/master/LICENSE.md
[2] https://github.com/prettier/prettier/blob/main/LICENSE