project-copacetic / copacetic

🧵 CLI tool for directly patching container images!
https://project-copacetic.github.io/copacetic/
Apache License 2.0
1.06k stars 70 forks source link

[REQ] Ability to patch with awareness of licensing conditions #90

Open salaxander opened 1 year ago

salaxander commented 1 year ago

What kind of request is this?

New feature

What is your request or suggestion?

Direct feedback after demoing copa:

One other feature I would like to see from Copacetic would be the ability to specify the licenses I'm willing to incorporate into my images. Sometimes, ensuring licensing models are in tact may be more important to the business than the security patching at the image level. Said another way, sometimes I'll block that at the perimeter rather than open myself up to possible licensing litigation. It would be nice to patch unless the patch requires me to violate an acceptable license rule I have in place.

sozercan commented 1 year ago

@salaxander what's the context of this issue? do you know who reported this? what's the scenario for licenses to change?