Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cicd: snyk license check fails #34199

Open
codeboten opened this issue Jul 22, 2024 · 3 comments
Open

cicd: snyk license check fails #34199

codeboten opened this issue Jul 22, 2024 · 3 comments
Assignees
@jpkrohling
Labels
ci-cd CI, CD, testing, build issues

Comments

@codeboten
Copy link
Contributor

Component(s)

No response

Describe the issue you're reporting

The following PR fails the license check: #33655

The failure is that a dependency brought in by coreinternal is licensed with MPL, which fails the license check.
@codeboten codeboten added ci-cd CI, CD, testing, build issues needs triage New item requiring triage labels Jul 22, 2024
@codeboten codeboten mentioned this issue Jul 22, 2024
Closed
@github-actions github-actions bot mentioned this issue Jul 23, 2024
Closed
@jpkrohling jpkrohling self-assigned this Jul 23, 2024
@jpkrohling jpkrohling removed the needs triage New item requiring triage label Jul 23, 2024
@jpkrohling
Copy link
Member

At this moment, the only license check we have at Snyk is related to hashicorp/go-version, which has been added to the exception list here, making it safe to use:

https://github.com/cncf/foundation/blob/main/license-exceptions/CNCF-licensing-exceptions.csv

@codeboten
Copy link
Contributor Author

Marked all the go-version checks as ignores for core, will do some more for contrib later. It would be fantastic to find a way to do this in config somewhere

@github-actions GitHub Actions
Copy link
Contributor

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

@github-actions github-actions bot added the Stale label Oct 21, 2024
@jpkrohling jpkrohling removed the Stale label Oct 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jpkrohling jpkrohling

Labels
ci-cd CI, CD, testing, build issues
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jpkrohling @codeboten