-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing license in child dependency cli-color #4517
Comments
Hi @kbradl16, It appears you are correct. In my previous search, I only looked at the first commits and latest of each repo, and so I missed the gap in licensing. This is something we can look into fixing, but it may take some time because we do depend on json-diff pretty heavily for the spec-diff tool. I will update this issue after we have a chance to discuss this further. |
rfc6902 also looks like a good candidate (maintained, typed, well covered). |
Any updates here? Did the aws-cdk move to @aws-cdk/core? If so I think this can close |
Hey @kbradl16, Sorry this has gone so long without addressing.
|
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled. |
Due to company policies, we have a strict set of licenses that are allowed to be used. The license of Unfortunately, this breaks quite some build processes for us as we make use of license checks with our CI/CD pipeline.
|
json-diff uses an old version of cli-color that does not have a license. According to cli-color's npm and github pages, it uses the ISC License, BUT unfortunately that is just for v1.3.0 and later.
An MIT License was added to v0.2.2 in this commit medikoo/cli-color@d28882b
json-diff is using the unlicensed version of the cli-color package v0.1.7
Why do I care?
I want to use this module! but I am not allowed to use this module without it being appropriately licensed. Since this is a dependency I am blocked from installing aws-cdk module with "json-diff": "^0.5.4" because it cannot be completed without also installing the dependency json-diff module with "cli-color": "~0.1.6" which has a dependency on cli-color@0.1.7 which DOES NOT have a license.
How to solve?
The text was updated successfully, but these errors were encountered: