Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Present license notices from command line #3035

Open
atgreen opened this issue Apr 28, 2020 · 4 comments
Open

Present license notices from command line #3035

atgreen opened this issue Apr 28, 2020 · 4 comments
Labels
area/release-eng Issues or PRs related to the Release Engineering kind/feature Categorizes issue as a feature request. For PRs, that means that the PR is the implementation lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.

Comments

@atgreen
Copy link

atgreen commented Apr 28, 2020

/kind feature

Which functionality do you think we should add?

The odo cli should have a command to dump all copyright notices associated with the open-source software built into the binary.

Why is this needed?

odo is commonly distributed in binary form without any of the license notices required by the open-source code used to build odo. See, for instance, https://mirror.openshift.com/pub/openshift-v4/clients/odo/latest/ . The single binary distribution is convenient, but there's also a requirement to distribute copyright license notices with the software. My suggestion is to collect those licenses at build-time and provide a new odo command to show them. To be clear, odo is just of many cli tools in the k8s ecosystem for which this should be done (oc, helm, etc). The alternative is to change how these tools are distributed so they also include copyright notices bundled in an archive.
@openshift-ci-robot openshift-ci-robot added the kind/feature Categorizes issue as a feature request. For PRs, that means that the PR is the implementation label Apr 28, 2020
@kadel
Copy link
Member

kadel commented Apr 29, 2020

/area release-eng

@openshift-ci-robot openshift-ci-robot added the area/release-eng Issues or PRs related to the Release Engineering label Apr 29, 2020
@openshift-bot
Copy link

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

@openshift-ci-robot openshift-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jul 28, 2020
@atgreen
Copy link
Author

atgreen commented Jul 31, 2020

/lifecycle frozen

@openshift-ci-robot openshift-ci-robot added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Jul 31, 2020
@kadel
Copy link
Member

kadel commented Aug 3, 2020

@atgreen How should output look like? I guess that just listing license names won't make sense.

Maybe something like:

$odo license
  
* odo is licensed under Apache License 2.0
   Apache License
                           Version 2.0, January 2004
                        http://www.apache.org/licenses/

   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

   1. Definitions
...
...
...

* 3rd. party libraries licensed under Apache License 2.0: 
- github.com/openshift/api
- github.com/spf13/cobra 
- .....
    Apache License
                           Version 2.0, January 2004
                        http://www.apache.org/licenses/

   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

   1. Definitions
...
...


* 3rd. party libraries licensed under MIT license:
- github.com/onsi/ginkgo
- github.com/onsi/gomege
- ...

Copyright (c) 2013-2014 .....

Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
...
...

Or it would be safer to list full licenses for every library?
Is it ok to just the list libraries that we use directly or should we also include nested dependencies? It might become a huge list if we do that.

@rm3l rm3l added this to odo Project Oct 3, 2022
@rm3l rm3l moved this to To Do 📝 in odo Project Oct 3, 2022
@rm3l rm3l removed the status in odo Project Oct 3, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/release-eng Issues or PRs related to the Release Engineering kind/feature Categorizes issue as a feature request. For PRs, that means that the PR is the implementation lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.
Projects
odo Project
Status: No status
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kadel @atgreen @openshift-bot @openshift-ci-robot