Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce strict license distribution requirements #56642

Merged
merged 2 commits into from
May 14, 2020
Merged

Enforce strict license distribution requirements #56642

merged 2 commits into from
May 14, 2020

Conversation

mark-vieira
Copy link
Contributor

This commit tightens certain dependency license checks in our build.
Firstly, the build will not fail if it cannot accurately identify the
type of license in one of our LICENSE.txt files. Secondly, dependencies
for licenses identified as requiring source redistribution will fail if
a corresponding SOURCES.txt file does not exist. This file should
include a hyperlink to a source artifact for the given dependency to be
used for redistribution during the release process.

We also add source distribution URLs (if applicable) to the generated
dependency info report. This is to be consumed by the release
manager for inclusion in our public dependency reports.

cc @tomcallahan

Closes #50058

@mark-vieira
Enforce strict license distribution requirements
72cf26e 
This commit tightens certain dependency license checks in our build.
Firstly, the build will not fail if it cannot accurately identify the
type of license in one of our LICENSE.txt files. Secondly, dependencies
for licenses identified as requiring source redistribution will fail if
a corresponding SOURCES.txt file does not exist. This file should
include a hyperlink to a source artifact for the given dependency to be
used for redistribution during the release process.
@mark-vieira mark-vieira added the :Delivery/Build Build or test infrastructure label May 12, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-core-infra (:Core/Infra/Build)

@elasticmachine elasticmachine added the Team:Core/Infra Meta label for core/infra team label May 12, 2020
breskeby
breskeby approved these changes May 13, 2020
View reviewed changes
Copy link
Contributor

@breskeby breskeby left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

from my limited context this lgtm.

@mark-vieira mark-vieira merged commit f9847f3 into elastic:master May 14, 2020
@mark-vieira mark-vieira deleted the license-distribution-enforcement branch May 14, 2020 20:25
mark-vieira added a commit that referenced this pull request May 14, 2020
@mark-vieira
Enforce strict license distribution requirements (#56642)
0fd756d
mark-vieira added a commit that referenced this pull request May 14, 2020
@mark-vieira
Enforce strict license distribution requirements (#56642)
bbdf250
mark-vieira added a commit that referenced this pull request May 14, 2020
@mark-vieira
Enforce strict license distribution requirements (#56642)
6df7c0e
@mark-vieira mark-vieira mentioned this pull request May 26, 2020
Merged
@jmlrt jmlrt mentioned this pull request May 26, 2020
Closed
@mark-vieira mark-vieira added Team:Delivery Meta label for Delivery team and removed Team:Core/Infra Meta label for core/infra team labels Nov 11, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@breskeby breskeby breskeby approved these changes

@rjernst rjernst Awaiting requested review from rjernst

@jasontedor jasontedor Awaiting requested review from jasontedor

Assignees
No one assigned
Labels
:Delivery/Build Build or test infrastructure Team:Delivery Meta label for Delivery team v7.7.1 v7.8.1 v7.9.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Compliance with third party dependency license distribution requirements is properly enforced
4 participants
@mark-vieira @elasticmachine @breskeby @jakelandis