Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ovsx] Provide an API to check whether a license is present and compliant #222

Closed
HaaLeo opened this issue Dec 16, 2020 · 4 comments
Closed

[ovsx] Provide an API to check whether a license is present and compliant #222

HaaLeo opened this issue Dec 16, 2020 · 4 comments
Labels
cli Component: cli

Comments

@HaaLeo
Copy link
Contributor

HaaLeo commented Dec 16, 2020

Description

Reading Brian King's blog especially the sections "Timeline" and "Licensing" I thought that the GitHub action (HaaLeo/publish-vscode-extension) probably should check whether an extension has a license file and whether it is an "Open VSX friendly" license.

To do that it would be best when the ovsx package offers some API method to check whether the extension's license is compliant with the Open VSX / Eclipse guidelines.

Proposal

Export some method, for example isLicenseOk which checks whether the repository includes a license and whether it is compliant with the guidelines.

Further, the ovsx package probably wants to perform this check also when it is invoked with a pre-bundled .vsix file (via the --extensionFile option).
@spoenemann spoenemann added the cli Component: cli label Dec 17, 2020
@spoenemann
Copy link
Member

Hi @HaaLeo! There are no constraints on the license except that there has to be one. The presence of a license is checked in the server when an extension package is processed, so there's not really a need to check in the client.

The ovsx package currently does check for presence of a license, but only to provide the user with the option to choose MIT in case they have no license:
https://github.com/eclipse/openvsx/blob/master/cli/src/check-license.ts

That interactive function doesn't make sense in the context of a GH Action, so if you like we could extract the actual presence check to a separate function.

@HaaLeo
Copy link
Contributor Author

HaaLeo commented Dec 17, 2020

Hi @spoenemann thx for your reply. I was unsure whether the server already checks for an extensions license or not.

Exporting the presence check would be beneficial, because then the action could yield a warning message also when an extension is only packaged and not published (via the --dryRun flag).

However, thank you for clarifying the issue 🙂

@vymarkov
Copy link
Contributor

@spoenemann I found another very useful case where we could improve process of adding new extensions into extensions.json, currently we don't perform any checks during adding new extension into this list, but Open VSX requires licence to be present, thus it make sense to extract check licence to a separate function.

Then use this function during add step to prevent adding to extensions.json extensions which could not be published if licence is not present or publishing (afaik, this repo could be used to publish extensions to any kind of marketplace, not restricted to Open VSX) if we wanna leave the opportunity to use this repo as a source of extensions.

I would like to open a pull request in near future to accomplish this goal.

@vymarkov vymarkov mentioned this issue Jan 14, 2021
Merged
@vymarkov
Copy link
Contributor

@spoenemann hi, I've just opened a pull request with changes that we mentioned on this issue #234 please take a look at this PR :)

Thanks in advance!

@HaaLeo HaaLeo mentioned this issue Jan 23, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
cli Component: cli
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@vymarkov @spoenemann @HaaLeo