Loading...

XML

Word

Printable

Details

Type: Task
Resolution: Fixed
Priority: Major
Fix Version/s: 2.4.0
Affects Version/s: None
Component/s: None
Labels:
None

Sprint:
7 - Til the Krack of dawn, 8 - FireKracker
Story Points:
1

Description

Exporter 1.0.8 - clean report...expect build Oct 14...clean report in BD and in Github as of Nov 23
Operator 2.4 - 1 new mediums (yellow). 1 carry-forward (already reviewed)... 1 missing license (unknown license)
Service Broker 1.2.1 - clean report in BD and Github as of Nov 23
Operator Backup 1.3.2 - 2 unks, 15 meds (yellow). same set in Nov 23 reports in BD and Github
B/Fluent-bit 1.2.2 - no suspect licenses reported. clean report as of Nov 23 in both BD and Github

Operator Logging 1.0.0 - last scan was 2 yrs ago

CN component	3rd party component	risk level	License	Notes
operator 2.4	python-certifi	med	Mozilla Public License 2.0	2022.9.24. was in 2.3. Already reviewed
operator 2.4	dsnet/compress	med	Mozilla Public License 2.0	v0.0.1. license is BSD-3clause (not MPL). Ceej looking at. ~~Needs review w/legal~~
operator 2.4	couchbaselabs/gocouchbaseio	High	Unknown License	v10.2.0. Needs license linked in BD

operator backup 1.3.2	Vault by HashiCorp	med
operator backup 1.3.2	couchbaselabs/gocaves	?	Unknown License	Needs license linked in BD
operator backup 1.3.2	couchbaselabs/gocouchbaseio	?	Unknown License	Needs license linked in BD
operator backup 1.3.2	errwrap	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	go-immutable-radix	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp-go-cleanhttp	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp-go-multierror	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp-go-plugin	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp-go-retryablehttp	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp-go-rootcerts	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp-go-uuid	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp-go-version	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp-golang-lru	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp-yamux	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7. 1Server review covers
operator backup 1.3.2	hashicorp/go-sockaddr	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	hashicorp/hcl	med	Mozilla Public License 2.0	Needs review w/legal or agreement 7.1 Server review covers
operator backup 1.3.2	python-certifi	med	Mozilla Public License 2.0	OK. Carryforward from 2.3. Already reviewed

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

image-2022-11-23-19-04-48-720.png
147 kB
23/Nov/22 4:04 PM

Issue Links

Clones

K8S-2639 3rd party license review for 2.3 release

Open

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Justin Ashworth

Reporter:: Lynn Straus (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 04/Oct/22 1:49 PM

Updated:: 14/Dec/22 11:09 AM

Resolved:: 14/Dec/22 11:07 AM

Gerrit Reviews

There are no open Gerrit changes

3rd party license review for 2.4 release

Details

Description

Attachments

Attachments

Issue Links

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews

PagerDuty