mirror of https://github.com/elastic/logstash.git synced 2025-04-22 13:47:21 -04:00

History

kaisecheng 2d69d06809 use UBI9 as base image (#17156 ) - the base image change from ubi8 to ubi9 - remove installation of curl		2025-02-28 09:29:19 +00:00
..
src	use UBI9 as base image (#17156 )	2025-02-28 09:29:19 +00:00
build.gradle	update multiple dependencies (#16136 )	2024-05-08 09:13:41 +01:00
gradle.properties	Add license reporting task	2018-05-02 15:35:42 +00:00
README.md	rename references of master branch to main branch (#13301 )	2021-11-08 10:23:46 +00:00

README.md

Dependency audit tool

The dependency audit tool automates the verification of the following criteria for all third-party dependencies that are shipped as part of either Logstash core or the default Logstash plugins:

The dependency has been added to the dependency list file with an appropriate project URL and SPDX license identifier.
The license for the dependency is among those approved for distribution.
There is a corresponding NOTICE.txt file in the notices folder containing the appropriate notices or license information for the dependency. These individual notice files will be combined to form the notice file shipped with Logstash.

The dependency audit tool enumerates all the dependencies, Ruby and Java, direct and transitive, for Logstash core and the default plugins. If any dependencies are found that do not conform to the criteria above, the name of the dependency(ies) along with instructions for resolving are printed to the console and the tool exits with a non-zero return code.

The dependency audit tool should be run using the script in the bin folder:

$LS_HOME/bin/dependencies-report --csv report.csv