-
Notifications
You must be signed in to change notification settings - Fork 4
/
.ort.yml
22 lines (18 loc) · 1.32 KB
/
.ort.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# SPDX-FileCopyrightText: 2014-2021 Sequent Tech Inc <contact@sequentech.io>
#
# SPDX-License-Identifier: AGPL-3.0-only
---
resolutions:
rule_violations:
- message: "The package (PIP|PyPI)::(tally-methods|tally-pipes-requirements):.* has the declared ScanCode copyleft catalogized license AGPL-3.0-only."
reason: "LICENSE_ACQUIRED_EXCEPTION"
comment: "The project is open source so it's normal that it's set as such."
- message: "The project PIP::tally-pipes-requirements:.* has the dependency PyPI::tally-methods:.* licensed under the ScanCode copyleft categorized license AGPL-3.0-only."
reason: "LICENSE_ACQUIRED_EXCEPTION"
comment: "The project is open source so it's normal that it's set as such."
- message: "The package PyPI::.* has the declared ScanCode copyleft-limited categorized license LGPL.*"
reason: "DYNAMIC_LINKAGE_EXCEPTION"
comment: "This is not a problem because python modules are always dynamic, see https://stackoverflow.com/questions/8580223/using-python-module-on-lgpl-license-in-commercial-product and https://mail.python.org/pipermail/tutor/2015-June/105759.html."
- message: "The package PyPI::.* has the declared ScanCode copyleft-limited categorized license MPL.*"
reason: "DYNAMIC_LINKAGE_EXCEPTION"
comment: "This is not a problem because we are not modifying the MPL code."