change allow-licenses-list to compliance from open-source-security an…

…d add clarification about dep-compliance in CONTRIBUTING.md Signed-off-by: LiZhenCheng9527 <lizhencheng6@huawei.com>
LiZhenCheng9527 · Jan 27, 2024 · 888a6a3 · 888a6a3
1 parent 19a94ba
commit 888a6a3
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 9 deletions.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -6,7 +6,7 @@ Welcome to Kurator!
 - [Before you get started](#before-you-get-started)
   - [Code of Conduct](#code-of-conduct)
   - [Community Expectations](#community-expectations)
-  - [Licences restrictions](#licences-restrictions)
+  - [Dependence Compliance](#dependence-compliance)
 - [Getting started](#getting-started)
 - [Your First Contribution](#your-first-contribution)
   - [Find something to work on](#find-something-to-work-on)
@@ -32,13 +32,10 @@ Kurator aims to help users to build their own distributed cloud native infrastru
 Kurator aims to provide turnkey automation for multi-cluster application management in multi-cloud and hybrid cloud scenarios,
 and intended to realize multi-cloud centralized management, high availability, failure recovery and traffic scheduling.
 
-## Licences restrictions
+## Dependence Compliance
 
-Please ensure that you have read the [license-lint](/common/config/license-lint.yaml)
-
-It specifies that licenses listed in the "restrictions" section cannot be used in the kurator project. Licenses in the "reciprocal_licenses" section can be used but modifications are not permitted.
-
-If you need to use a license that is not included in either section, please open a [Pull Requests](https://github.com/kurator-dev/kurator/pulls) for discussion.
+If your contribution involves changes to dependencies, please read [dependence-compliance](community/compliance/dependence-compliance.md) first.
+It outlines the guidelines for managing dependencies within the kurator project. Following these guidelines is important to ensure your changes can be properly reviewed and merged.
 
 # Getting started
 

diff --git a/...-source-security/allowed-licenses-list.md → ...unity/compliance/allowed-licenses-list.md b/...-source-security/allowed-licenses-list.md → ...unity/compliance/allowed-licenses-list.md
diff --git a/community/compliance/dependence-compliance.md b/community/compliance/dependence-compliance.md
@@ -74,7 +74,7 @@ Additionally:
 - If this is all good, approve, but don't LGTM, unless you also do code review
   or unless it is trivial (e.g. moving from k/k/pkg/utils -> k/utils).
 
-Licenses for dependencies are specified by the Kurator [allowed-licenses-list](/common/config/license-lint.yaml).
+Licenses for dependencies are specified by the Kurator [allowed-licenses-list](allowed-licenses-list.md).
 All new dependency licenses should be reviewed by @[kurator/dep-approvers] to ensure that they
 are compatible with the Kurator project license. It is also important to note
 and flag if a license has changed when updating a dependency, so that these can
@@ -85,7 +85,7 @@ an issue or send a message to the member of [kurator/dep-approvers].
 
 ## Licences restrictions
 
-In the Kurator project, there are compliance requirements for the licenses of dependencies used. We prohibit the use of dependencies with infectious licenses. You can check [allowed-licenses-list](/common/config/license-lint.yaml) to learn about Kurator project's specifications on license compliance.
+In the Kurator project, there are compliance requirements for the licenses of dependencies used. We prohibit the use of dependencies with infectious licenses. You can check [allowed-licenses-list](allowed-licenses-list.md) to learn about Kurator project's specifications on license compliance.
 
 It specifies that licenses listed in the "restrictions" section cannot be used in the kurator project. Licenses in the "reciprocal_licenses" section can be used but modifications are not permitted. Prohibition of licences in the "restricted_licenses" section.