Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SONARPY-2355 Update licenses to SSALv1 #2169

Merged
merged 5 commits into from
Nov 26, 2024
Merged

SONARPY-2355 Update licenses to SSALv1 #2169

merged 5 commits into from
Nov 26, 2024

Conversation

guillaume-dequenne-sonarsource
Copy link
Contributor

@guillaume-dequenne-sonarsource guillaume-dequenne-sonarsource commented Nov 20, 2024
edited by jira bot
Loading

Context for the format update of license-maven-plugin: see this PR. Not respecting the new format prevented our custom configuration from being taken into account (Python files were neither checked nor updated).

Currently, SSALv1 itself is flagged as a forbidden dependency for our internal checks. Because of this, they are overridden in our checks (see BUILD-7017).

Seppli11
Seppli11 approved these changes Nov 21, 2024
View reviewed changes
Copy link
Contributor

@Seppli11 Seppli11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apart from the missing link to the license file, it looks good to me.

SQRP-80 mentions that projects that should remain under LGPL need to modify the pom.xml accordingly. But this doesn't apply to any of the projects in this repo, right?

README.md Outdated
@@ -82,4 +82,6 @@ To fix that please execute: `mvn license:format`.

Copyright 2011-2024 SonarSource.

Licensed under the [GNU Lesser General Public License, Version 3.0](http://www.gnu.org/licenses/lgpl.txt)
SonarQube analyzers released after November 29, 2024, including patch fixes for prior versions, are published under the Sonar Source-Available License Version 1 (SSALv1).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to SQRP-80, the readme should link to the LICENSE.txt file

@guillaume-dequenne-sonarsource guillaume-dequenne-sonarsource changed the title SONARPY-2355 SONARPY-2355 Update licenses to SSALv1 Nov 21, 2024
@guillaume-dequenne-sonarsource guillaume-dequenne-sonarsource marked this pull request as ready for review November 21, 2024 10:47
@guillaume-dequenne-sonarsource
Copy link
Contributor Author

guillaume-dequenne-sonarsource commented Nov 21, 2024
edited
Loading

Apart from the missing link to the license file, it looks good to me.

SQRP-80 mentions that projects that should remain under LGPL need to modify the pom.xml accordingly. But this doesn't apply to any of the projects in this repo, right?

It would apply to the sonar-scanner-python, if it were a maven project, but it's not so it should be okay (we should prevent the license from being updated automatically though - I don't remember how this is handled for Python project)

That said, the serializer under this repo should also move to SSALv1, and I realize my initial changes didn't account for that.

@sonarqube-next SonarQube-Next
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube

Seppli11
Seppli11 approved these changes Nov 26, 2024
View reviewed changes
Copy link
Contributor

@Seppli11 Seppli11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@guillaume-dequenne-sonarsource guillaume-dequenne-sonarsource merged commit ad8f532 into master Nov 26, 2024
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Seppli11 Seppli11 Seppli11 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@guillaume-dequenne-sonarsource @Seppli11