Skip to content

TRACKING: third party licensing #3884

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
4 tasks done
hansl opened this issue Jan 6, 2017 · 6 comments
Closed
4 tasks done

TRACKING: third party licensing #3884

hansl opened this issue Jan 6, 2017 · 6 comments
Assignees
@hansl @filipesilva
Labels
P3 An issue that is relevant to core functions, but does not impede progress. Important, but not urgent

Comments

@hansl
Copy link
Contributor

hansl commented Jan 6, 2017
edited by filipesilva
Loading

Some of our direct and indirect dependencies are not using licenses that are approved by Google, so we need to do something about it. We have three options for each of those: ask authors to relicense, reimplement ourselves, or stop using the dependency.

Here's a (maybe incomplete) list:

  • uc.micro - WTFPL (from markdown-it). markdown-it might have replacements that are available, so I'll look for those.
  • sourcemap-istanbul-instrumenter-loader - WTFPL. We should probably contact the author for this one. Might not be needed.
  • jsonify - Public Domain (not a valid license, from ember-cli-preprocess-registry/broccoli-clean-css/json-stable-stringify). We don't need the preprocess-registry and will probably get rid of it.

Other point to consider this completed:

  • make a test to check licenses from package.json of every dependencies on Travis.

We might need to make separate issues to track some of those individually.

cc @IgorMinar @naomiblack
@hansl
Copy link
Contributor Author

hansl commented Jan 6, 2017

Shoutout to Robert Spier who found those!

@hansl hansl added the P3 An issue that is relevant to core functions, but does not impede progress. Important, but not urgent label Jan 6, 2017
@hansl hansl self-assigned this Jan 6, 2017
@JohannesRudolph
Copy link
Contributor

Alternative reading: Google's legal team should work on approving the WTFPL :-)

@clydin clydin mentioned this issue Jan 30, 2017
Merged
@filipesilva
Copy link
Contributor

filipesilva commented Feb 3, 2017
edited
Loading

sourcemap-istanbul-instrumenter-loader is the only one missing now.

There seems to be a yarn tool to list licences, we should add a test that uses it.

@filipesilva filipesilva self-assigned this Feb 3, 2017
@filipesilva
Copy link
Contributor

The sourcemap-istanbul-instrumenter-loader author at webpack-contrib/istanbul-instrumenter-loader#39 seems to be ok with changing to MIT.

filipesilva added a commit to filipesilva/angular-cli that referenced this issue Feb 9, 2017
@filipesilva
build(@angular/cli): update sourcemap-istanbul-instrumenter-loader
479ba2a 
Thanks to @deepsweet for the license update!

Followup from webpack-contrib/istanbul-instrumenter-loader#39
Partially address angular#3884
This was referenced Feb 9, 2017
Merged
Merged
filipesilva added a commit to filipesilva/angular-cli that referenced this issue Feb 9, 2017
@filipesilva
build(@angular/cli): update sourcemap-istanbul-instrumenter-loader
cf0352e 
Thanks to @deepsweet for the license update!

Followup from webpack-contrib/istanbul-instrumenter-loader#39
Partially address angular#3884
filipesilva added a commit to filipesilva/angular-cli that referenced this issue Feb 9, 2017
@filipesilva
build(@angular/cli): update sourcemap-istanbul-instrumenter-loader
549d589 
Thanks to @deepsweet for the license update!

Followup from webpack-contrib/istanbul-instrumenter-loader#39
Partially address angular#3884
filipesilva added a commit to filipesilva/angular-cli that referenced this issue Feb 9, 2017
@filipesilva
build(@angular/cli): update sourcemap-istanbul-instrumenter-loader
47c257f 
Thanks to @deepsweet for the license update!

Followup from webpack-contrib/istanbul-instrumenter-loader#39
Partially address angular#3884
hansl pushed a commit that referenced this issue Feb 9, 2017
@filipesilva @hansl
build(@angular/cli): update sourcemap-istanbul-instrumenter-loader (#…
15b6d9c 
…4560)

Thanks to @deepsweet for the license update!

Followup from webpack-contrib/istanbul-instrumenter-loader#39
Partially address #3884
@filipesilva
Copy link
Contributor

Closed via #4561

asnowwolf pushed a commit to asnowwolf/angular-cli that referenced this issue Apr 12, 2017
@filipesilva
build(@angular/cli): update sourcemap-istanbul-instrumenter-loader (a…
5c91cfb 
…ngular#4560)

Thanks to @deepsweet for the license update!

Followup from webpack-contrib/istanbul-instrumenter-loader#39
Partially address angular#3884
@angular-automatic-lock-bot
Copy link

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

Read more about our automatic conversation locking policy.

This action has been performed automatically by a bot.

@angular-automatic-lock-bot angular-automatic-lock-bot bot locked and limited conversation to collaborators Sep 6, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@hansl hansl

@filipesilva filipesilva

Labels
P3 An issue that is relevant to core functions, but does not impede progress. Important, but not urgent
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@JohannesRudolph @hansl @filipesilva