> everything should be there for > this with one exception: We really want to have some check in place for > s2i so that it checks license, so we don't accidentally push out > something thats not under a open source license. This doesn't need to be > a blocker, but it would be great to get in place soon. I could see that as an integration test in PDC, or have a regular (or evented) job on the devpi host that would check the licences of all cached (and thus requested) packages. The downside of doing it on devpi is that we won't know directly which app has requested the nonfree package. Since all dependencies are already available locally and the license is in the package metadata (PKG-INFO file), a script running in the integration testsuite wouldn't even need internet access. I can write a POC if you want. A. _______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
