> Should we store licensing information as a comment in the > *-requirements files ? Can it be stored on the same line ? Something > like: > > oslo.messaging>=1.3.0a4 # Apache-2.0
Since it's licenses we're tracking shouldn't we be tracking indirect dependencies too (i.e. packages pulled in by required packages)? And if we want to do that then the method above won't be sufficient. And, of course, we want an automated way of generating this info - dependencies (can) change from version to version. Do we have such a tool? -- Koo On Mon, 17 Feb 2014 17:01:24 +0100 Thierry Carrez <thie...@openstack.org> wrote: > Hi everyone, > > A year ago there was a discussion about doing a license inventory on > OpenStack dependencies, to check that they are compatible with our own > license and make sure any addition gets a proper license check. > > Back then I proposed to leverage the openstack/requirements repository > to store that information, but that repository was still > science-fiction at that time. Now that it's complete and functional, > I guess it's time to revisit the idea. > > Should we store licensing information as a comment in the > *-requirements files ? Can it be stored on the same line ? Something > like: > > oslo.messaging>=1.3.0a4 # Apache-2.0 > _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
