Honestly, if we are going to track this, we should probably do the set
of things that reviewers tend to do when running through these.

License:
Upstream Location:
Ubuntu/Debian Package: Y/N? (url)
Fedora Package: Y/N? (url)
Suse Package: Y/N? (url)
Last Release: Date (in case of abandonware)
Python 3 support: Y/N? (informational only)

I'd honestly stick that in a yaml file instead, and have something
sanity check it on new requirements add.

        -Sean

On 02/17/2014 11:42 AM, Doug Hellmann wrote:
> 
> 
> 
> On Mon, Feb 17, 2014 at 11:01 AM, Thierry Carrez <thie...@openstack.org
> <mailto:thie...@openstack.org>> wrote:
> 
>     Hi everyone,
> 
>     A year ago there was a discussion about doing a license inventory on
>     OpenStack dependencies, to check that they are compatible with our own
>     license and make sure any addition gets a proper license check.
> 
>     Back then I proposed to leverage the openstack/requirements repository
>     to store that information, but that repository was still science-fiction
>     at that time. Now that it's complete and functional, I guess it's time
>     to revisit the idea.
> 
>     Should we store licensing information as a comment in the *-requirements
>     files ? Can it be stored on the same line ? Something like:
> 
>     oslo.messaging>=1.3.0a4  # Apache-2.0
> 
> 
> Tracking it in that file makes sense; I'm not sure about the proposed
> syntax. Do we need to track any other info? Do we need to process the
> license automatically to generate a report or something, where we would
> want to know that the value was a license string and not a note of some
> other sort?
> 
> It does look like the requirements file parser will ignore trailing
> comments.
> 
> Doug
>  
> 
> 
>     --
>     Thierry Carrez (ttx)
> 
>     _______________________________________________
>     OpenStack-dev mailing list
>     OpenStack-dev@lists.openstack.org
>     <mailto:OpenStack-dev@lists.openstack.org>
>     http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> 
> 
> 
> 
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev@lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> 


-- 
Sean Dague
Samsung Research America
s...@dague.net / sean.da...@samsung.com
http://dague.net

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Reply via email to