github.com/cyphar/filepath-securejoin (MPL-2.0) not allowed under the CNCF's IP policy:

Hello,

while we were updating helm from v3 to v4 we can across this third party dependency which is not allowed by CNCF's IP policy.

```
$ go mod why github.com/cyphar/filepath-securejoin
# github.com/cyphar/filepath-securejoin
github.com/cilium/cilium/cilium-cli/install
helm.sh/helm/v4/pkg/action
helm.sh/helm/v4/pkg/chart/v2/util
github.com/cyphar/filepath-securejoin
```

I assume helm project needs to submit a request for license exception to the CNCF?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

github.com/cyphar/filepath-securejoin (MPL-2.0) not allowed under the CNCF's IP policy: #31525

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

github.com/cyphar/filepath-securejoin (MPL-2.0) not allowed under the CNCF's IP policy: #31525

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions