-
Notifications
You must be signed in to change notification settings - Fork 9.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
*: add bill of materials #7745
*: add bill of materials #7745
Conversation
7d8c011
to
bd757c3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great, thanks
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, it seems to be not valid json:
Error: Parse error on line 202:
...dence": 0.953 }][ { "project": "b
-------------------^
Expecting 'EOF', '}', ',', ']'
Missing comma?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm.
@robszumski it doesn't like the second [] so I manually folded the error data into the first [] |
Do we have some script to generate this file? Or just comment here for future reference? |
@gyuho |
lgtm |
Codecov Report
@@ Coverage Diff @@
## master #7745 +/- ##
=========================================
Coverage ? 76.02%
=========================================
Files ? 331
Lines ? 26058
Branches ? 0
=========================================
Hits ? 19811
Misses ? 4825
Partials ? 1422 Continue to review full report at Codecov.
|
A few of these are still wrong (https://github.com/coreos-inc/coreos-pages/pull/1504). I can manually fix these but now it seems like the bom stuff won't be amenable to automation any time soon. |
updated broken detected license, revendored gopkg.in/yaml.v2 so it has the latest / more permissive license |
These can be overridden using an override file: https://github.com/coreos/license-bill-of-materials#what-is-it |
@philips doesn't seem to work; it only hits error/no license cases and even then I'm not seeing it show up in the list. Including an override file anyway, though. |
Going to open an issue about automating this, but otherwise seems like if there's anything else that needs fixing it can be addressed in another PR. Merging. |
This does not cover all the packages in etcd.
/cc @robszumski