You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@beam.apache.org by Hannah Jiang <ha...@google.com> on 2020/03/24 21:10:02 UTC
Re: [PROPOSAL] Add licenses and notices to SDK docker images
Hi Team
I added some more contents to the documents to discuss how to manage new
dependencies and licenses.
Main ideas are
1. Run precommit tests for PRs to check if new dependencies and license are
added or removed.
2. Run daily checks to see if license and notice context are updated and
sent PRs automatically to update licenses and notices.
Please review *When run dependency check* section and provide inputs to
improve the process.
Link: https://s.apache.org/eauq6
Hannah
On Wed, Feb 5, 2020 at 4:43 PM Hannah Jiang <ha...@google.com> wrote:
> Hello
>
> I wrote a design document about adding licenses and notices for third
> party dependencies to SDK docker images.
> I reviewed several tools for this purpose, please recommend other tools if
> anything in your mind, I am happy to review those as well.
> Link: https://s.apache.org/eauq6
>
> Any kind of comments are welcome.
>
> Thanks,
> Hannah
>
>
>
Re: [PROPOSAL] Add licenses and notices to SDK docker images
Posted by Robert Bradshaw <ro...@google.com>.
Thank you for updating the doc. As I mentioned on the PR, I do not
think we should check all 100K lines of auto-generated/pulled licence
files into the repository and run separate asynchronous processes to
try to keep things in sync and fix things up as dependencies evolve.
Instead, we should populate the container licenses with what's
actually in the container at container build time as part of the
container build process.
On Tue, Mar 24, 2020 at 2:10 PM Hannah Jiang <ha...@google.com> wrote:
>
> Hi Team
>
> I added some more contents to the documents to discuss how to manage new dependencies and licenses.
>
> Main ideas are
> 1. Run precommit tests for PRs to check if new dependencies and license are added or removed.
> 2. Run daily checks to see if license and notice context are updated and sent PRs automatically to update licenses and notices.
>
> Please review When run dependency check section and provide inputs to improve the process.
> Link: https://s.apache.org/eauq6
>
> Hannah
>
>
>
> On Wed, Feb 5, 2020 at 4:43 PM Hannah Jiang <ha...@google.com> wrote:
>>
>> Hello
>>
>> I wrote a design document about adding licenses and notices for third party dependencies to SDK docker images.
>> I reviewed several tools for this purpose, please recommend other tools if anything in your mind, I am happy to review those as well.
>> Link: https://s.apache.org/eauq6
>>
>> Any kind of comments are welcome.
>>
>> Thanks,
>> Hannah
>>
>>