We are a group of researchers developing tools to monitor and remediate open-source license incompatibilities in the PyPI ecosystem.
We find that your optbinning package has a GPL-3.0-or-later licensed transitive dependency ecos (introduced by rowpr through the path rowpr -> cvxpy -> ecos). This could be problematic because GPL-licensed software requires any of its derivative work to be also licensed under GPL, but optbinning is licensed under Apache 2.0.
The dependency tree of optbinning 0.17.3 returned by pipdeptree as follows:
To remove this license incompatibility, the following possible remediations can be considered:
Relicense optbinning under GPL 3.0 or AGPL 3.0
remove ropwr (migrate to another alternative if necessary)
Note that the above remediations are generated by an automated tool that is still under test, may be incorrect, and does not represent legal advice. We welcome any suggestions and feedback!
Hello,
We are a group of researchers developing tools to monitor and remediate open-source license incompatibilities in the PyPI ecosystem.
We find that your
optbinning
package has a GPL-3.0-or-later licensed transitive dependencyecos
(introduced byrowpr
through the pathrowpr
->cvxpy
->ecos
). This could be problematic because GPL-licensed software requires any of its derivative work to be also licensed under GPL, butoptbinning
is licensed under Apache 2.0.The dependency tree of
optbinning
0.17.3 returned by pipdeptree as follows:To remove this license incompatibility, the following possible remediations can be considered:
optbinning
under GPL 3.0 or AGPL 3.0ropwr
(migrate to another alternative if necessary)Note that the above remediations are generated by an automated tool that is still under test, may be incorrect, and does not represent legal advice. We welcome any suggestions and feedback!
Thank you!