This is an automated email from the ASF dual-hosted git repository.
yuxia pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/fluss-rust.git
The following commit(s) were added to refs/heads/main by this push:
new 3cdeb8c chore: introduce deny to check licenses (#267)
3cdeb8c is described below
commit 3cdeb8cc6dbe7e280a136991866e375d212a5173
Author: yuxia Luo <[email protected]>
AuthorDate: Sat Feb 7 11:36:27 2026 +0800
chore: introduce deny to check licenses (#267)
---
.github/workflows/ci.yml | 8 ++++++++
DEVELOPMENT.md | 9 +++++++++
bindings/cpp/Cargo.toml | 1 +
bindings/python/Cargo.toml | 2 +-
crates/fluss/Cargo.toml | 1 +
bindings/cpp/Cargo.toml => deny.toml | 36 ++++++++++++++++++------------------
6 files changed, 38 insertions(+), 19 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index cf7a126..e9048fb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -38,6 +38,14 @@ jobs:
- name: Check License Header
uses: apache/skywalking-eyes/[email protected]
+ - name: Install cargo-deny
+ uses: taiki-e/install-action@v2
+ with:
+ tool: [email protected]
+
+ - name: Check dependency licenses (Apache-compatible)
+ run: cargo deny check licenses
+
- name: Install protoc
run: sudo apt-get update && sudo apt-get install -y protobuf-compiler
diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md
index a8a6d53..a0669a7 100644
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@@ -104,6 +104,15 @@ cargo test --features integration_tests --workspace
```
+### License check (cargo-deny)
+
+We use [cargo-deny](https://embarkstudios.github.io/cargo-deny/) to ensure all
dependency licenses are Apache-compatible. When present, configuration lives in
a `deny.toml` file at the repo root and should enforce an Apache-compatible
license policy.
+
+```bash
+cargo install cargo-deny --locked
+cargo deny check licenses
+```
+
### Formatting and Clippy
Our CI runs cargo formatting and clippy to help keep the code base styling
tidy and readable. Run the following commands and address any errors or
warnings to ensure that your PR can complete CI successfully.
diff --git a/bindings/cpp/Cargo.toml b/bindings/cpp/Cargo.toml
index 0bbcbf0..0b83de9 100644
--- a/bindings/cpp/Cargo.toml
+++ b/bindings/cpp/Cargo.toml
@@ -19,6 +19,7 @@
name = "fluss-cpp"
version = "0.1.0"
edition.workspace = true
+license.workspace = true
rust-version.workspace = true
publish = false
diff --git a/bindings/python/Cargo.toml b/bindings/python/Cargo.toml
index ff4d687..0a0daff 100644
--- a/bindings/python/Cargo.toml
+++ b/bindings/python/Cargo.toml
@@ -19,7 +19,7 @@
name = "fluss_python"
edition = "2024"
version = "0.1.0"
-license = "apache-2.0"
+license.workspace = true
rust-version = "1.85"
[lib]
diff --git a/crates/fluss/Cargo.toml b/crates/fluss/Cargo.toml
index 6b2707b..c923594 100644
--- a/crates/fluss/Cargo.toml
+++ b/crates/fluss/Cargo.toml
@@ -17,6 +17,7 @@
[package]
edition = { workspace = true }
+license.workspace = true
rust-version = { workspace = true }
version = { workspace = true }
name = "fluss"
diff --git a/bindings/cpp/Cargo.toml b/deny.toml
similarity index 66%
copy from bindings/cpp/Cargo.toml
copy to deny.toml
index 0bbcbf0..18ed544 100644
--- a/bindings/cpp/Cargo.toml
+++ b/deny.toml
@@ -15,22 +15,22 @@
# specific language governing permissions and limitations
# under the License.
-[package]
-name = "fluss-cpp"
-version = "0.1.0"
-edition.workspace = true
-rust-version.workspace = true
-publish = false
+[licenses]
+allow = [
+ "Apache-2.0",
+ "Apache-2.0 WITH LLVM-exception",
+ "BSD-2-Clause",
+ "BSD-3-Clause",
+ "CC0-1.0",
+ "ISC",
+ "MIT",
+ "Unicode-3.0",
+ "Zlib",
+]
-[lib]
-crate-type = ["staticlib"]
-
-[dependencies]
-anyhow = "1.0"
-arrow = { workspace = true, features = ["ffi"] }
-cxx = "1.0"
-fluss = { path = "../../crates/fluss" }
-tokio = { version = "1.27", features = ["rt-multi-thread", "macros"] }
-
-[build-dependencies]
-cxx-build = "1.0"
+exceptions = [
+ # open data licenses that SHOULD be OK
+ { crate = "webpki-roots", allow = [
+ "CDLA-Permissive-2.0",
+ ] },
+]
\ No newline at end of file
