-
Notifications
You must be signed in to change notification settings - Fork 238
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
license metadata on pypi.org #975
Comments
We should fix pypi's confusion, but yes Apache2: https://github.com/nornir-automation/nornir/blob/main/LICENSE And https://github.com/nornir-automation/nornir/blob/main/pyproject.toml#L21 |
Should be fixed in @dgarros PR. |
@ktbyers I noticed that this issue has been addressed here, but it seems that a new release incorporating this fix has not yet been made. Could you please consider creating a new release of nornir that includes this fix? This would greatly help us in resolving the license compliance issue and continue using nornir in our projects without interruptions. Thank you! |
@cabellooa Why do you need a new release for this? I guess I don't really see how it helps you with respect to license compliance (as the pypi metadata is not the official statement of the license; the license file with source code in GitHub is the official statement of the license). The license is Apache2 (the license has always been Apache2). Note, even the metadata part of this was just a change of how external tooling parsed what we published (i.e. they changed/clarified the metadata strings that you needed to publish to indicate the license). |
This is due to a corporate license-checking proxy. We can't download the latest Nornir because our proxy thinks it is not open source. We thought if a new release were possible -- that could help us instead of trying to get an exception through internal security. |
Okay, we will see if anyone steps up to do the release. I don't think I can bring myself to do it this week as I already did a Netmiko release this week. |
@cabellooa @kjoyce77 FYI, I started working on this here: But am running into some Napalm PY3.13 issues that I need to fix first. |
And napalm is bottlenecked due to PyEZ and their issues with PY3.13 support, see: |
nornir is open source software licensed under the Apache Licence 2.0, isn't it?
At least I find no other statement within nornir's project page at github.com .
However, on pypi.org it looks different:
Beginning with release 3.2.0 there is (additionally to the Apache License) a reference to some 'Other/Proprietary License'.
Is this change of license just a bug in the metadata or did some real change occur?
This issue hits us because OSS gets scanned in our organization periodically, and every time nornir rings a bell and leads to manual checks.
If the mentioning of a proprietary license is just a bug, we would like to see it fixed.
The text was updated successfully, but these errors were encountered: