logstash/tools/dependencies-report
github-actions[bot] 10512266af
Update license checker with new logger dependency (#16695) (#16700)
A new transitive dependency on the `logger` gem has been added through sinatra 4.1.0. Update the
license checker to ensure this is accounted for.

(cherry picked from commit e0ed994ab1)

Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
2024-11-20 15:29:43 +00:00
src Update license checker with new logger dependency (#16695) (#16700) 2024-11-20 15:29:43 +00:00
build.gradle update multiple dependencies (#16136) 2024-05-08 09:13:41 +01:00
gradle.properties Add license reporting task 2018-05-02 15:35:42 +00:00
README.md rename references of master branch to main branch (#13301) 2021-11-08 10:23:46 +00:00

Dependency audit tool

The dependency audit tool automates the verification of the following criteria for all third-party dependencies that are shipped as part of either Logstash core or the default Logstash plugins:

  • The dependency has been added to the dependency list file with an appropriate project URL and SPDX license identifier.
  • The license for the dependency is among those approved for distribution.
  • There is a corresponding NOTICE.txt file in the notices folder containing the appropriate notices or license information for the dependency. These individual notice files will be combined to form the notice file shipped with Logstash.

The dependency audit tool enumerates all dependencies, Ruby and Java, direct and transitive, for Logstash core and the default plugins. If any dependency does not conform to the criteria above, the tool prints its name to the console along with instructions for resolving the problem and exits with a non-zero return code.

The dependency audit tool should be run using the script in the bin folder:

$LS_HOME/bin/dependencies-report --csv report.csv
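
The three criteria and the non-zero exit status described above can be sketched in Ruby as follows. This is an added example, not the project's own code. The `name,url,license` column layout, the approved-license set, the `<name>-NOTICE.txt` naming, the helper names `audit` and `report`, and all sample data are assumptions made for illustration.

```ruby
require "set"

# Assumptions for this sketch: "name,url,license" columns, this approved set,
# and "<name>-NOTICE.txt" notice naming. All data below is constructed.
APPROVED = Set["Apache-2.0", "MIT", "BSD-3-Clause"].freeze

DEPENDENCY_LIST = <<~LIST
  sinatra,https://example.org/sinatra,MIT
  examplelib,https://example.org/examplelib,GPL-3.0-only
  nourl,,Apache-2.0
LIST

# Enumerated dependencies (direct and transitive) and the notice files present.
# `logger` arrives transitively and has not been added to the list yet.
SHIPPED = %w[sinatra logger examplelib nourl].freeze
NOTICES = Set["sinatra-NOTICE.txt", "nourl-NOTICE.txt"].freeze

# Returns { name => [problems] } for each dependency failing a criterion.
def audit(shipped, list, notices, approved = APPROVED)
  listed = list.each_line.map { |l| l.chomp.split(",", -1) }
               .to_h { |name, url, license| [name, [url, license]] }
  shipped.each_with_object({}) do |name, failures|
    problems = []
    if (entry = listed[name])
      url, license = entry
      problems << "missing project URL" if url.to_s.strip.empty?
      if license.to_s.strip.empty?
        problems << "missing SPDX license identifier"
      elsif !approved.include?(license.strip)
        problems << "license #{license.strip} not approved"
      end
    else
      problems << "not in dependency list"
    end
    problems << "no notice file" unless notices.include?("#{name}-NOTICE.txt")
    failures[name] = problems unless problems.empty?
  end
end

# Prints each failure and returns the process exit status (non-zero on failure).
def report(failures, out = $stderr)
  failures.each { |name, problems| out.puts "#{name}: #{problems.join('; ')}" }
  failures.empty? ? 0 : 1
end

STATUS = report(audit(SHIPPED, DEPENDENCY_LIST, NOTICES))
```

A build step would pass `STATUS` to `exit` so that an unlisted transitive dependency such as `logger` fails the build.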