-
Notifications
You must be signed in to change notification settings - Fork 0
/
resolutions.yml
21 lines (19 loc) · 1.45 KB
/
resolutions.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# SPDX-FileCopyrightText: 2014-2021 Sequent Tech Inc <legal@sequentech.io>
#
# SPDX-License-Identifier: AGPL-3.0-only
---
rule_violations:
# 1st-gen
- message: "The project PIP::.*:.* has the dependency PyPI::uwsgi:.* licensed under the ScanCode copyleft categorized license GPL-2.0-or-later."
reason: "DYNAMIC_LINKAGE_EXCEPTION"
comment: "This is actually a GPL-2.0 with a linking exception, allowing not to have to relicense any linking code, such as our case."
- message: "The package PIP::(misc-tools|frestq)-with-requirements-requirements.txt:.* has the declared ScanCode copyleft catalogized license AGPL-3.0-only."
reason: "LICENSE_ACQUIRED_EXCEPTION"
comment: "It's our own sequent open source project so it's not a problem."
# 2nd-gen
- message: "The package (Cargo|Crate|PIP)::(bulletin-board|braid|strand|sequent-core|new-ballot-verifier|(misc-tools|frestq)-with-requirements-requirements.txt):.* has the declared ScanCode copyleft catalogized license AGPL-3.0-only."
reason: "LICENSE_ACQUIRED_EXCEPTION"
comment: "It's our own sequent open source project so it's not a problem."
- message: "The project Cargo::(bulletin-board|braid|strand|sequent-core|new-ballot-verifier):.* has the dependency Crate::(bulletin-board|braid|strand|sequent-core|new-ballot-verifier):.* licensed under the ScanCode copyleft categorized license AGPL-3.0-only."
reason: "LICENSE_ACQUIRED_EXCEPTION"
comment: "It's our own sequent open source project so it's not a problem."