New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Submit Updates to Packages with ambiguous licenses #912
Comments
Looks like taffydb has already fixed this license issue in |
Cycle is listed as Public Domain in the package.json, but the license scanner tool fails to parse the package.json file for some reason. |
This will be blocked now as we wait for pull requests to other repos out of our control to be reviewed, and npm modules to be released. |
The cycle maintainer doesn't seem to want to release a new version. (Ref: dscape/cycle#21) It may not be worth worrying about for now, since the only places we use this dependency are in |
I've submitted a PR to address cycle if any of the maintainers are still active. |
Thanks @TheIncorrigible1 . Unfortunately I think the maintainer is MIA, we might not get a release anytime soon. |
Goal:
As a
OSS Maintainer
I want toupdate any dependencies that have ambiguous licenses
so thatwe can clarify where we stand on the licensing of dependencies
.Tasks:
[ ]https://github.com/typicaljoe/taffydbContains MIT license on github, but not listed in package.jsonLatest version fixes this:v2.7.3
Once the above changes are accepted, update the package version in the
package.json
orpackage-lock.json
file to pull through this license update. Apply for:- [ ] central-directoryNo longer used - for legacy support onlyRemove any now outdated whitelisted packages from the license-scanner
config.toml
Acceptance Criteria:
Pull Requests:
npm install
Follow-up:
Dependencies:
Accountability:
The text was updated successfully, but these errors were encountered: