Dependencies with licensing problems

I'm adding license checking to Google Node team's repos using our [`js-green-licenses`](https://github.com/google/js-green-licenses) tool, and finds out that nodejs-common has two problematic dependencies: log-driver & modelo.

[log-driver](https://www.npmjs.com/package/log-driver) doesn't specify any licenses. A 3-year-old [commit](https://github.com/cainus/logdriver/commit/7caec881ea7e1082c6733218398ad45650fa850b) added the ISC license and bumped its version to 1.2.6 but no NPM packages have been published with that change.

[modelo](https://www.npmjs.com/package/modelo) is in a better situation. It has the LICENSE file in its repo but its `package.json` doesn't specify its license and js-green-licenses reports that as an error.

I filed an issue for log-driver: https://github.com/cainus/logdriver/issues/9, and a PR for modelo: https://github.com/kevinconway/Modelo.js/pull/20

This issue is for tracking those problems. Once they are resolved and new npm packages are published, we have to adjust the version numbers for them accordingly.

Until then, all our packages that depend on nodejs-common must have a package whitelist for `js-green-licenses`.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependencies with licensing problems #16

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Dependencies with licensing problems #16

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions