hard code license values for projects

Question

hard code license values for projects

phanirithvij opened this issue a year ago · 1 comments

Problem

There is an "Unknown License" category under Open Source.

Some of the projects which fall under that have licenses defined elsewhere:

https://github.com/openeuler-mirror/stratovirt/blob/master/license/LICENSE | Mulan Permissive Software License, Version 2
https://github.com/openeuler-mirror/iSulad/blob/master/LICENSES/LICENSE | Mulan Permissive Software License, Version 2
https://nginx.org/LICENSE | BSD 2-clause
https://github.com/easzlab/kubeasz/blob/master/docs/mixes/LICENSE | Apache 2.0
https://github.com/Azure/API-Management/blob/main/open-source-policies/LEGAL.MD | MIT

Solution

Now how to make the web UI reflect this? maybe have a [spdx_license_ident](https://spdx.org/licenses/) key in landscape.yml?

Answer 1 · 2024-04-16T13:15:17.000Z

Hi!

We've recently migrated the CNCF landscape to v2. In this version of the landscape, we display the license in the repository details view. We obtain the repositories' license from GitHub.

If there is a repository's license that is not correct, it'd probably be best if this was fixed on the source repository. If GitHub isn't able to pick the license up properly, it'd be great if it could be exposed in the repository in a way that they can detect it (that'd way we'd get it as well).

Handling licenses this way ensures that they're always in sync, as opposed to maintaining some in the landscape.yml file, which could be error prone and misleading (i.e. some license changes but it's not updated in the landscape).

Will close this issue for now, please feel free to reopen if needed 🙂