Closed mdebarros closed 1 year ago
Thanks @mdebarros and the DA team.
After consultation with legal experts (by Paula H) and Blue Oak team, we've been given the recommendation to go ahead with adding this license to the "allow / approved list". Thanks to Paula for helping resolve this quickly.
Thanks @mdebarros and the DA team.
After consultation with legal experts (by Paula H) and Blue Oak team, we've been given the recommendation to go ahead with adding this license to the "allow / approved list". Thanks to Paula for helping resolve this quickly.
Great to hear! \:D/
Thanks to you, Paula and co for getting an answer on this!
Follow-up PR to add BlueOak to the allowedlist --> https://github.com/mojaloop/license-scanner-tool/pull/26
Request Summary:
Several CI-CD builds are failing License Scanner Checks using the Mojaloop "allowedList" due to the introduction of a new License Blue Oak v1.0.0 to Mojaloop's underlying dependencies.
Here is an example of the [SDK-Scheme-Adapter] --> https://app.circleci.com/pipelines/github/mojaloop/sdk-scheme-adapter/2670/workflows/8a0e2fb0-ff1a-49d3-affb-a3fcac5e7cb0/jobs/19235
It seems to be impacting several key dependencies, specifically glob and also npm-check-updates. However, since this impacts a dependency like
glob
, it is more than likely that this issue will impact other dependencies going forward.Request Details:
We have a couple of options here: