Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: enforce version pinning for dependencies in license check config #2624

Merged
merged 2 commits into from
Nov 15, 2023
Merged

chore: enforce version pinning for dependencies in license check config #2624

merged 2 commits into from
Nov 15, 2023

Conversation

ankpshah
Copy link
Contributor

@ankpshah ankpshah commented Nov 8, 2023

  • PR title and description conform to Pull Request guidelines.

Issue #, if available:

Description of changes:

  • The build process will fail when versions of explicitly allowed dependencies in the license check configuration are updated.
  • For build to pass, dependency version must be updated in the license check configuration as well.
  • This is to ensure a review of any updates in dependency licenses before the changes can be merged.
  • This enforcement does not apply to dependencies with already allowed license types and is only for explicitly allowed dependencies

How did you test these changes?
(Please add a line here how the changes were tested)

Documentation update required?

  • No
  • Yes (Please include a PR link for the documentation update)

General Checklist

  • Added Unit Tests
  • Added Integration Tests
  • Security oriented best practices and standards are followed (e.g. using input sanitization, principle of least privilege, etc)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@ankpshah
Enforce version pinning for specified dependencies in license check c…
5c2cce5 
…onfig

- The build process will fail when versions of explicitly allowed dependencies in the license check configuration are updated.

- This enforces a review of any updates in licenses before the changes can be merged.

- This enforcement does not apply to dependencies with already allowed license types and is only for explicitly allowed dependencies
@ankpshah ankpshah requested a review from a team as a code owner November 8, 2023 02:16
@codecov-commenter
Copy link

codecov-commenter commented Nov 8, 2023
edited
Loading

Codecov Report

Merging #2624 (df47e36) into main (47e22db) will not change coverage.
The diff coverage is n/a.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2624   +/-   ##
=======================================
  Coverage   41.77%   41.77%           
=======================================
  Files         902      902           
  Lines       28976    28976           
  Branches     4106     4106           
=======================================
  Hits        12104    12104           
- Misses      15543    15544    +1     
+ Partials     1329     1328    -1

@ankpshah ankpshah marked this pull request as draft November 9, 2023 23:33
@ankpshah ankpshah marked this pull request as ready for review November 14, 2023 22:27
@ankpshah ankpshah merged commit 644be2d into main Nov 15, 2023
3 checks passed
@ankpshah ankpshah deleted the license-check-build-step branch November 15, 2023 19:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gpanshu gpanshu gpanshu approved these changes

@tylerjroach tylerjroach tylerjroach approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ankpshah @codecov-commenter @tylerjroach @gpanshu