1. Home
  2. Categories
  3. Support
  4. How exactly does the License filter work?

Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.

If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!

How exactly does the License filter work?

  • ?

    So, in testing how to do the license filtering, I create a new feed called test of type npm. I add a feed connector to https://registry.npmjs.org. This works great.

    The issue comes when I try a set up a License Filter. Based on the help in the dialog box, I am under the impress is either wide-open, or a white-list, i.e. only the licenses listed are allowed. However, when I enter a bogus URL to test (call it https://www.google.com), and run an npm install socketio which is under ICS license, it still will install, along with the rest of the dependencies which are a mix of BSD-3-Clause, MIT, and ISC.

    Now, most of the package.json files simply have a line like:

     "license": "ISC",

    and not an actual URL, but one, configya, does in fact contain a URL pointing to the MIT license over at opensource.org.

    So, what am I doing wrong, or is the software does not work that way?

    Product: ProGet
    Version: 4.2.0

    0
  • ?

    Currently, only NuGet feeds use the license filter, it shouldn't be displayed on npm feeds...

    We do plan on adding support for better licensing filtering in a future version, as the current implemention is a bit limiting.

    0
proget 1568 npm 84 licensing 35
Log in to reply
 
Inedo Website HomeSupport HomeCode of ConductForums GuideDocumentation