You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The AGPL-1.0-open license causes everything to fail (and I don't know what is using this license as cargo lichking and cargo license aren't listing it anywhere). If I include "AGPL-1.0-only" in the list of accepted licenses, cargo about spits out an error:
$ cargo about generate about.hbs > license.html
2020-02-18 16:52:09 [ERROR] 'AGPL-1.0-only' is not a valid SPDX licensee: AGPL-1.0-open
^^^^^^^^^^^^^ unknown term for key `accepted` at line 1 column 1
$ cargo about generate about.hbs > license.html
2020-02-18 16:53:11 [ERROR] Crate 'app': These licenses [AGPL-1.0-only], could not be satisfied with the following accepted licenses [Apache-2.0, MIT, CC0-1.0, MIT, BSD-2-Clause, BSD-3-Clause, MPL-2.0, ISC, Zlib, Unlicense, 0BSD, BSL-1.0, CC-BY-3.0, OpenSSL, AGPL-1.0]
This is being run in a workspace root. The app is the main binary of the project, and isn't currently licensed (I have set publish = false and license-file = "LICENSE" in the crate's Cargo.toml) (I know this is incompatible with AGPL-1.0, but again as far as I can tell, nothing is using AGPL-1.0 anyway).
(edit note I typed AGPL-1.0-open, but that was a mistake and it should have been AGPL-1.0-only, the issue remains however)
The text was updated successfully, but these errors were encountered:
So the first problem is that AGPL-1.0-open is as it says, a license that doesn't exist in the SPDX License List, the only way to add licenses that aren't in that list is to use LicenseRef-<id>.
The second one is a bug, but that will be fixed by publishing a new version, as the GPL* licenses have some additional handling in later versions of the spdx crate. There's a bit more info here if you're interested.
You could try installing cargo about from source w/ cargo install -f --git https://github.com/EmbarkStudios/cargo-about.git to see if works better for you until we can push a new release.
Thanks!. Something that could also potentially help in situations like this is reporting the dependency tree about what is using an offending license (or even just the offending crate, and I can look it up using cargo tree or examining the lock file).
The
AGPL-1.0-open
license causes everything to fail (and I don't know what is using this license ascargo lichking
andcargo license
aren't listing it anywhere). If I include"AGPL-1.0-only"
in the list of accepted licenses,cargo about
spits out an error:If I change that to
AGPL-1.0
(as suggested by https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html#gnu-licenses), I get:This is being run in a workspace root. The
app
is the main binary of the project, and isn't currently licensed (I have setpublish = false
andlicense-file = "LICENSE"
in the crate'sCargo.toml
) (I know this is incompatible with AGPL-1.0, but again as far as I can tell, nothing is using AGPL-1.0 anyway).(edit note I typed
AGPL-1.0-open
, but that was a mistake and it should have beenAGPL-1.0-only
, the issue remains however)The text was updated successfully, but these errors were encountered: