Details
-
Task
-
Resolution: Fixed
-
Major
-
None
-
None
-
None
-
7 - Til the Krack of dawn, 8 - FireKracker
-
1
Description
Exporter 1.0.8 - clean report...expect build Oct 14...clean report in BD and in Github as of Nov 23
Operator 2.4 - 1 new mediums (yellow). 1 carry-forward (already reviewed)... 1 missing license (unknown license)
Service Broker 1.2.1 - clean report in BD and Github as of Nov 23
Operator Backup 1.3.2 - 2 unks, 15 meds (yellow). same set in Nov 23 reports in BD and Github
B/Fluent-bit 1.2.2 - no suspect licenses reported. clean report as of Nov 23 in both BD and Github
Operator Logging 1.0.0 - last scan was 2 yrs ago
CN component | 3rd party component | risk level | License | Notes |
---|---|---|---|---|
operator 2.4 | python-certifi | med | Mozilla Public License 2.0 | 2022.9.24. was in 2.3. Already reviewed |
operator 2.4 | dsnet/compress | med | Mozilla Public License 2.0 | v0.0.1. license is BSD-3clause (not MPL). Ceej looking at. |
operator 2.4 | couchbaselabs/gocouchbaseio | High | Unknown License | v10.2.0. Needs license linked in BD |
operator backup 1.3.2 | Vault by HashiCorp | med | ||
operator backup 1.3.2 | couchbaselabs/gocaves | ? | Unknown License | Needs license linked in BD |
operator backup 1.3.2 | couchbaselabs/gocouchbaseio | ? | Unknown License | Needs license linked in BD |
operator backup 1.3.2 | errwrap | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | go-immutable-radix | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp-go-cleanhttp | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp-go-multierror | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp-go-plugin | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp-go-retryablehttp | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp-go-rootcerts | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp-go-uuid | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp-go-version | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp-golang-lru | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp-yamux | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7. 1Server review covers |
operator backup 1.3.2 | hashicorp/go-sockaddr | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | hashicorp/hcl | med | Mozilla Public License 2.0 | Needs review w/legal or agreement 7.1 Server review covers |
operator backup 1.3.2 | python-certifi | med | Mozilla Public License 2.0 | OK. Carryforward from 2.3. Already reviewed |
Attachments
Issue Links
- Clones
-
K8S-2639 3rd party license review for 2.3 release
- Open