Copilot commented on code in PR #10113:
URL: https://github.com/apache/gravitino/pull/10113#discussion_r2871017328
##########
web-v2/web/LICENSE.bin:
##########
@@ -770,25 +836,31 @@
domelementtype
domhandler
domutils
+ entities
+ eslint-scope
espree
Review Comment:
`espree` is listed here under the BSD 2-Clause section, but there is no
corresponding per-package license text in `web-v2/web/licenses/` (e.g.,
`web-v2/web/licenses/espree.txt`). Since the build/distribution packages
`web-v2/web/licenses` separately, this likely leaves the binary distribution
missing the espree license text. Please add back the espree license file (or
regenerate the licenses folder) so every package listed has a license text file
included.
```suggestion
```
##########
web-v2/web/LICENSE.bin:
##########
@@ -799,38 +871,32 @@
ISC license.
@isaacs/cliui
+ @isaacs/fs-minipass
@trysound/sax
- @types/tar
- @ungap/structured-clone
anymatch
boolbase
electron-to-chromium
eslint-import-resolver-typescript
fastq
flatted
foreground-child
- fs-minipass
- fs.realpath
glob
glob-parent
graceful-fs
- inflight
- inherits
isexe
lru-cache
lucide-react
minimatch
- minipass
once
picocolors
- qrcode.react
- rimraf
+ saxes
semver
+ siginfo
signal-exit
+ test-exclude
which
wrappy
yallist
- yaml
Review Comment:
`minimatch` and `yallist` are listed under the ISC license section here, but
they also appear again under the Blue Oak Model License section later in the
same file. If different versions have different licenses, this `LICENSE.bin`
format is ambiguous (no versions), and if not, then one of these sections is
incorrect. Please disambiguate by including versions (e.g., `[email protected]`)
or otherwise ensure each package is listed under only the correct license
section.
##########
web-v2/web/LICENSE.bin:
##########
@@ -231,7 +240,6 @@
./web/lib/enums/httpEnum.js
./web/lib/utils/index.js (parts of)
Review Comment:
The Vben attribution block lists file paths under `./web/lib/...`, but in
web-v2 these files live under `./web-v2/web/src/lib/...` (e.g.,
`src/lib/utils/axios`, `src/lib/enums/httpEnum.js`, `src/lib/utils/index.js`).
This makes the attribution references inaccurate for the v2 UI artifact. Please
update the paths (or regenerate `LICENSE.bin`) so they match the actual web-v2
source tree.
##########
web-v2/web/LICENSE.bin:
##########
@@ -231,7 +240,6 @@
./web/lib/enums/httpEnum.js
./web/lib/utils/index.js (parts of)
- @aashutoshrathi/word-wrap
@alloc/quick-lru
@ant-design/colors
Review Comment:
`[email protected]` is still present in `web-v2/web/pnpm-lock.yaml`, but it is
not listed anywhere in `LICENSE.bin`, and its per-package license file appears
to have been removed (`web-v2/web/licenses/opener.txt`). This leaves the
distributed `LICENSE`/`licenses` inventory incomplete for a shipped dependency.
Please regenerate/update the license inventory so `opener` is included (and its
license text is present under `web-v2/web/licenses/`).
##########
web-v2/web/LICENSE.bin:
##########
@@ -207,21 +207,30 @@
Apache Zeppelin
./web/web/WEB-INF/web.xml
Review Comment:
This Apache-2.0 third-party attribution references
`./web/web/WEB-INF/web.xml`, but for the v2 UI the file is at
`web-v2/web/WEB-INF/web.xml`. Please update this path (or regenerate
`web-v2/web/LICENSE.bin`) so the referenced file location matches the actual
web-v2 artifact being packaged.
```suggestion
./web-v2/web/WEB-INF/web.xml
```
##########
web-v2/web/licenses/istanbul-report.txt:
##########
@@ -0,0 +1,24 @@
+Copyright 2012-2015 Yahoo! Inc.
+All rights reserved.
+
Review Comment:
This license file name (`istanbul-report.txt`) doesn’t match the actual
dependency name in `pnpm-lock.yaml` / `LICENSE.bin` (`istanbul-reports`). If
tooling expects the license filename to map to the package name, this will make
the `istanbul-reports` license hard to locate. Consider renaming this file to
`istanbul-reports.txt` (and keep `LICENSE.bin` consistent).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
