tgeoghegan
commented
3 months ago While we're at it, we should set up a deny.toml similar to Janus' to make sure we don't unexpectedly pull in a surprising license.
Open tgeoghegan opened 3 months ago
tgeoghegan
commented
3 months ago While we're at it, we should set up a deny.toml similar to Janus' to make sure we don't unexpectedly pull in a surprising license.
We should do something similar to https://github.com/divviup/janus/issues/3229 for divviup-api. The hangup is that as of recently, we distribute binaries of divviup-cli as well as container images, and it's not obvious how to bundle licenses with those. Perhaps shipping the license text files to each divviup-cli release alongside the binaries would work? Or we could make each release include a link to all the relevant licenses.