Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

cicd: snyk license check fails #34199

Open
codeboten opened this issue Jul 22, 2024 · 4 comments
Open

cicd: snyk license check fails #34199

codeboten opened this issue Jul 22, 2024 · 4 comments
Assignees
Labels
ci-cd CI, CD, testing, build issues Stale

Comments

@codeboten
Copy link
Contributor

Component(s)

No response

Describe the issue you're reporting

The following PR fails the license check: #33655

The failure is that a dependency brought in by coreinternal is licensed with MPL, which fails the license check.

@jpkrohling
Copy link
Member

At this moment, the only license check we have at Snyk is related to hashicorp/go-version, which has been added to the exception list here, making it safe to use:

https://github.com/cncf/foundation/blob/main/license-exceptions/CNCF-licensing-exceptions.csv

@codeboten
Copy link
Contributor Author

Marked all the go-version checks as ignores for core, will do some more for contrib later. It would be fantastic to find a way to do this in config somewhere

Copy link
Contributor

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

Copy link
Contributor

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

@github-actions github-actions bot added the Stale label Dec 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ci-cd CI, CD, testing, build issues Stale
Projects
None yet
Development

No branches or pull requests

2 participants