Closed Uzlopak closed 7 months ago
Looks like it did its job here: https://github.com/fastify/fastify-static/actions/runs/6177304982/job/16768155505 But then failed with the likes of: https://github.com/fastify/fastify-sensible/actions/runs/6218443565/job/16874935466
The underlying license-checker seems hit and miss?
Yes. It seems there is a miss if it is a direct dependency?
It's because tap is a dev dependency and the license check in here is only looking at production ones. It caught it in https://github.com/fastify/fastify-static/actions/runs/6177304982/job/16768155505 because @gurgunday was updating a production dependency.
Will update it to also catch dev ones.
@Uzlopak may no longer be an issue?
https://github.com/openjs-foundation/cross-project-council/issues/1170#issuecomment-1802733531
Everything should be ok in 2/3 months or so. There is 60 days grace time, then the OpenJS Board would issue a statement.
@Fdawgs
In a meeting with @rginn regarding some other OpenJS related topic last week I asked her about blueoak. She also said, that it should resolve positive.
"Should" and "are" are not equivalent. I am keeping an eye on the progress and will keep the task list updated. A major bump in tap
after any v5 related release is an internal matter and will not necessitate another new major.
edit: I thought this thread was the v5 prep work thread.
Maybe rename this issue as it was initially meant as a big report about blue oak (dev) dependencies not being found by the workflow but now seems to be about tracking Blue Oak's OSI approval 😌
Or maybe there's another issue tracking the OSI-approval? In that case this issue can be closed in favor of that one.
Blue Oak is OSI approved
The OpenJS Board of Directors still need to vote to approve the Blue Oak license for OpenJS-hosted projects. The vote will take place this week.
Prerequisites
Issue
According to @gurgunday tap is using BlueOak License and the license checked does not detect it as no allowed. We have to investigate on why this fails.