This is an automated email from the ASF dual-hosted git repository. yuxia pushed a commit to branch introduce-deny in repository https://gitbox.apache.org/repos/asf/fluss-rust.git
commit 1eb28b7e30e094c573e8646c0580825ff78c2f4d Author: luoyuxia <[email protected]> AuthorDate: Sat Feb 7 10:47:49 2026 +0800 chore: introduce deny to check licenses --- .github/workflows/ci.yml | 8 ++++++++ DEVELOPMENT.md | 9 +++++++++ bindings/cpp/Cargo.toml | 1 + bindings/python/Cargo.toml | 2 +- crates/fluss/Cargo.toml | 1 + bindings/cpp/Cargo.toml => deny.toml | 37 ++++++++++++++++++++---------------- 6 files changed, 41 insertions(+), 17 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cf7a126..e9048fb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,6 +38,14 @@ jobs: - name: Check License Header uses: apache/skywalking-eyes/[email protected] + - name: Install cargo-deny + uses: taiki-e/install-action@v2 + with: + tool: [email protected] + + - name: Check dependency licenses (Apache-compatible) + run: cargo deny check licenses + - name: Install protoc run: sudo apt-get update && sudo apt-get install -y protobuf-compiler diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md index a8a6d53..1f4a70e 100644 --- a/DEVELOPMENT.md +++ b/DEVELOPMENT.md @@ -104,6 +104,15 @@ cargo test --features integration_tests --workspace ``` +### License check (cargo-deny) + +We use [cargo-deny](https://embarkstudios.github.io/cargo-deny/) to ensure all dependency licenses are Apache-compatible. Configuration is in `deny.toml` at the repo root. + +```bash +cargo install cargo-deny --locked +cargo deny check licenses +``` + ### Formatting and Clippy Our CI runs cargo formatting and clippy to help keep the code base styling tidy and readable. Run the following commands and address any errors or warnings to ensure that your PR can complete CI successfully. diff --git a/bindings/cpp/Cargo.toml b/bindings/cpp/Cargo.toml index 0bbcbf0..0b83de9 100644 --- a/bindings/cpp/Cargo.toml +++ b/bindings/cpp/Cargo.toml @@ -19,6 +19,7 @@ name = "fluss-cpp" version = "0.1.0" edition.workspace = true +license.workspace = true rust-version.workspace = true publish = false diff --git a/bindings/python/Cargo.toml b/bindings/python/Cargo.toml index ff4d687..0a0daff 100644 --- a/bindings/python/Cargo.toml +++ b/bindings/python/Cargo.toml @@ -19,7 +19,7 @@ name = "fluss_python" edition = "2024" version = "0.1.0" -license = "apache-2.0" +license.workspace = true rust-version = "1.85" [lib] diff --git a/crates/fluss/Cargo.toml b/crates/fluss/Cargo.toml index 6b2707b..c923594 100644 --- a/crates/fluss/Cargo.toml +++ b/crates/fluss/Cargo.toml @@ -17,6 +17,7 @@ [package] edition = { workspace = true } +license.workspace = true rust-version = { workspace = true } version = { workspace = true } name = "fluss" diff --git a/bindings/cpp/Cargo.toml b/deny.toml similarity index 59% copy from bindings/cpp/Cargo.toml copy to deny.toml index 0bbcbf0..7c91171 100644 --- a/bindings/cpp/Cargo.toml +++ b/deny.toml @@ -15,22 +15,27 @@ # specific language governing permissions and limitations # under the License. -[package] -name = "fluss-cpp" -version = "0.1.0" -edition.workspace = true -rust-version.workspace = true -publish = false +# cargo-deny configuration: https://embarkstudios.github.io/cargo-deny/ +# Ensures dependency licenses are Apache-compatible (ASF Category A/B style). -[lib] -crate-type = ["staticlib"] +[licenses] +# Reject unlicensed and copyleft; allow only permissive (ASF Category A style). +unlicensed = "deny" +copyleft = "deny" +default = "deny" +allow = [ + "Apache-2.0", + "Apache-2.0 WITH LLVM-exception", + "BSD-2-Clause", + "BSD-3-Clause", + "CC0-1.0", + "CDLA-Permissive-2.0", + "ISC", + "MIT", + "Unicode-3.0", + "Unicode-DFS-2016", + "Unlicense", + "Zlib", +] -[dependencies] -anyhow = "1.0" -arrow = { workspace = true, features = ["ffi"] } -cxx = "1.0" -fluss = { path = "../../crates/fluss" } -tokio = { version = "1.27", features = ["rt-multi-thread", "macros"] } -[build-dependencies] -cxx-build = "1.0"
