From dev-return-3971-archive-asf-public=cust-asf.ponee.io@creadur.apache.org Tue Nov 5 22:13:07 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id 5F8A9180661 for ; Tue, 5 Nov 2019 23:13:07 +0100 (CET) Received: (qmail 27630 invoked by uid 500); 5 Nov 2019 22:13:06 -0000 Mailing-List: contact dev-help@creadur.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@creadur.apache.org Delivered-To: mailing list dev@creadur.apache.org Received: (qmail 27618 invoked by uid 99); 5 Nov 2019 22:13:06 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Nov 2019 22:13:06 +0000 From: GitBox To: dev@creadur.apache.org Subject: [GitHub] [creadur-rat] potiuk edited a comment on issue #15: [RAT-261] Check the source code via Apache RAT to detect license violations Message-ID: <157299198663.1483.17125994649272895470.gitbox@gitbox.apache.org> Date: Tue, 05 Nov 2019 22:13:06 -0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit potiuk edited a comment on issue #15: [RAT-261] Check the source code via Apache RAT to detect license violations URL: https://github.com/apache/creadur-rat/pull/15#issuecomment-550045570 I think the whole discussion started with finding that the licence headers are missing in some of the files in RAT: .travis.yml, .gitignore, BUILD.txt for example. On the other hand it is in pom.xml, and ant-task-examples.xml. So we thought RAT does not use itself to check licences. We had very similar problem in Airflow 1.10.6 rc1 release when one of the files which was not technically part of the sources of the app (was not released in package but it was released as part of the source.zip file) missed a licence. It was not RAT problem but our Docker environment. We actually dropped the release because of that and released 1.10.6rc2 with licence added (and we fixed the mounts in Docker to scan all files). As a new PMC in Airflow I learned that it's my responsibility to not release software without licence headers. So I think it is important to understand if this is intentional to skip those files from the check? I looked through RAT documentation and the only thing I found is > useDefaultExcludes: > > Whether to use the default excludes when scanning for files. The default excludes are: > meta data files for source code management / revision control systems, see SourceCodeManagementSystems > ... It's true by default - but unfortunately there is no explanation what "SourceCodeManagementSystems" actually is (but I guess it is .git, .svn folders). But there is no indication I could find that things like .gitignore or .travis.yml or BUILD.txt will also be ignored. It would be great to understand the reasoning for those exclusions and possibly fix at least the .travis.yml and .gitignore and let RAT check that as well (RAT seems like perfect example that others will probably follow so better to have licence in .travis.yml) ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: users@infra.apache.org With regards, Apache Git Services