-
-
Notifications
You must be signed in to change notification settings - Fork 261
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Suspend distribution of Crowd2 plugin #755
Suspend distribution of Crowd2 plugin #755
Conversation
jenkins-infra/helpdesk#3854 explains that the Crowd2 integration plugin uses a dependency that is not open source licensed. The Crowd2 integration library is Atlassian licensed as described in jenkins-infra/helpdesk#3842 (comment) The Atlassian license is not an open source license. Refer to https://www.atlassian.com/legal/software-license-agreement for the details of the license. https://www.jenkins.io/project/governance/#license says that the Jenkins project requires plugins that it distributes to be open source, including their dependencies. When a closed source dependency is detected in a plugin, we suspend distribution of that plugin. If maintainers update the plugin to remove the closed source dependency, distribution can begin for the new release that removes the closed source dependency. Fixes jenkins-infra/helpdesk#3854
Could we ping the maintainers before suspending, so it at least doesn't catch them by surprise? |
The only active maintainer left is @DuMaM, FYI above. |
That's a great suggestion. I sent a message to the email address (as stored on accounts.jenknis.io) of the 5 maintainers. My guesses of the GitHub identities of those maintainers are: |
LGTM |
Hi Everyone, I will be unable to rewrite this and make it open source, but I've just bumped into this notice:
And, because of that, think it will be better to suspend this plugin. Could you please prepare, notification info for users about this change? Thanks |
Hi, I archived a plugin and labeled this as deprecated. |
Thanks for adding the The update center instructions say:
The addition to |
Suspend distribution of Crowd2 plugin
jenkins-infra/helpdesk#3854 explains that the Crowd2 integration plugin uses a dependency that is not open source licensed.
The Crowd2 integration library is Atlassian licensed as described in jenkins-infra/helpdesk#3842 (comment)
The Atlassian license is not an open source license. Refer to https://www.atlassian.com/legal/software-license-agreement for the details of the license.
https://www.jenkins.io/project/governance/#license says that the Jenkins project requires plugins that it distributes to be open source, including their dependencies. When a closed source dependency is detected in a plugin, we suspend distribution of that plugin. If maintainers update the plugin to remove the closed source dependency, distribution can begin for the new release that removes the closed source dependency.
Fixes jenkins-infra/helpdesk#3854