mirror of
https://github.com/containers/bootc.git
synced 2026-02-05 15:45:53 +01:00
55c9729ff1
https://lists.fedoraproject.org/archives/list/rust@lists.fedoraproject.org/thread/UE4FU27OAHXQ2EOV5OFSXGHELUWZYSJM/ discusses license compliance as something a downstream distribution should be doing. Yes. But also, this is something that *upstreams* should be doing as part of their CI. Looking around I found https://github.com/pivotal/LicenseFinder which looks decent; it handles multiple languages, has a container image, is FOSS itself etc. I ran through it for bootupd and this lists the approvals. The next step here is to validate this in CI.