github-mirrors/logstash
1
0
Fork 0
mirror of https://github.com/elastic/logstash.git synced 2025-04-23 06:08:19 -04:00
Code Issues Projects Releases Packages Wiki Activity
logstash/tools/dependencies-report
History
Exact
Rob Bavey 58314a7f0e
Update gradle version to 6.3 (#11742) 
* Update gradle version to 6.3

Gradle versions prior to 6.3 cannot run under JDK14.
This commit upgrades the version of Gradle to 6.3, and removes all deprecation warnings that can currently be removed.

Changes include:
* Increase gradle memory to 2g
* Increase gradle memory in the license check job to 2g
* Replace use of `testCompile`
* Replace `runtime` with `runtimeOnly`
* Remove`compile` depedencies from gradle files
* Replace deprecated archive methods
* Fix dependencies report build
* Make jruby dependencies 'api', fix archiveVersion
* Set `duplicatesStrategy` for all tasks of type Copy
* Use `configureEach` for global 'withType' calls
** Use the recommended Tasks API calls
(https://blog.gradle.org/preview-avoiding-task-configuration-time)
* Run `./gradlew wrapper` earlier to improve caching
* Use copy with chown for resources that need to be run during `./gradlew wrapper`
2020-04-07 12:49:36 -04:00
..
src Add apache and elastic license headers to source code files (#11673) 2020-03-11 11:53:38 +00:00
build.gradle Update gradle version to 6.3 (#11742) 2020-04-07 12:49:36 -04:00
gradle.properties Add license reporting task 2018-05-02 15:35:42 +00:00
README.md instructions on how to run tool, remove unused readlink call in script 2018-08-27 21:44:47 +00:00

README.md

Dependency audit tool

The dependency audit tool automates the verification of the following criteria for all third-party dependencies that are shipped as part of either Logstash core or the default Logstash plugins:

  • The dependency has been added to the dependency list file with an appropriate project URL and SPDX license identifier.
  • The license for the dependency is among those approved for distribution.
  • There is a corresponding NOTICE.txt file in the notices folder containing the appropriate notices or license information for the dependency. These individual notice files will be combined to form the notice file shipped with Logstash.

The dependency audit tool enumerates all the dependencies, Ruby and Java, direct and transitive, for Logstash core and the default plugins. If any dependencies are found that do not conform to the criteria above, the name of the dependency(ies) along with instructions for resolving are printed to the console and the tool exits with a non-zero return code.

The dependency audit tool should be run using the script in the bin folder:

$LS_HOME/bin/dependencies-report --csv report.csv