[rl-reuse_tool-4] Violation against OSS Rules of Play

[sap-ospo-bot]

A violation against the OSS Rules of Play has been detected.

Rule ID: rl-reuse_tool-4
Explanation: Is it compliant with REUSE rules? No

Find more information at: https://sap.github.io/fosstars-rating-core/oss_rules_of_play_rating.html

[TeresaCerdeiraSAP]

hi @dellagustin-sap !
Can you help the team to understand a bit better what this issue is about?
Thanks

[dellagustin-sap]

Hello @TeresaCerdeiraSAP , the documentation about those is internal, I'll send you a link.

[dellagustin-sap]

Hello @TeresaCerdeiraSAP , I have checked this finding with the reuse command line using the docker (run docker run --rm --volume $(pwd):/data fsfe/reuse lint at the root of the repository).

It seems to be false positive, as the result is positive, so it seems to be a false positive:

❯ docker run --rm --volume $(pwd):/data fsfe/reuse lint
# SUMMARY

* Bad licenses:
* Deprecated licenses:
* Licenses without file extension:
* Missing licenses:
* Unused licenses:
* Used licenses: Apache-2.0
* Read errors: 0
* Files with copyright information: 439 / 439
* Files with license information: 439 / 439

Congratulations! Your project is compliant with version 3.0 of the REUSE Specification :-)

We will need to check it, I'll follow up internally.

[ajinkyapatil8190]

The reuse badge is not displayed in readme, That is why this issue is created - #25 should fix this.

[dellagustin-sap]

@ajinkyapatil8190 thank you for jumping in and sending the PR, I was about to write you 😄 .

[TeresaCerdeiraSAP]

Thank you both @dellagustin-sap @ajinkyapatil8190 !

[dellagustin-sap]

@TeresaCerdeiraSAP , heads up, there are some warnings on the REUSE compliance, you may want to take a look with low priority:

At https://api.reuse.software/info/github.com/SAP/sap-customer-data-cloud-toolkit
Last lint output
Commit 8a0769c was checked on 15 Sep 2023 16:40:26 UTC with the following result:

/opt/venv/lib/python3.10/site-packages/reuse/project.py:224: PendingDeprecationWarning: Copyright and licensing information for 'README.md' has been found in both 'README.md' and in the DEP5 file located at '.reuse/dep5'. The information for these two sources has been aggregated. In the future this behaviour will change, and you will need to explicitly enable aggregation. See <https://github.com/fsfe/reuse-tool/issues/779>. You need do nothing yet. Run with `--suppress-deprecation` to hide this warning.
  warnings.warn(
/opt/venv/lib/python3.10/site-packages/reuse/project.py:224: PendingDeprecationWarning: Copyright and licensing information for 'src/constants.js' has been found in both 'src/constants.js' and in the DEP5 file located at '.reuse/dep5'. The information for these two sources has been aggregated. In the future this behaviour will change, and you will need to explicitly enable aggregation. See <https://github.com/fsfe/reuse-tool/issues/779>. You need do nothing yet. Run with `--suppress-deprecation` to hide this warning.
  warnings.warn(
/opt/venv/lib/python3.10/site-packages/reuse/project.py:224: PendingDeprecationWarning: Copyright and licensing information for 'src/initAppReact.js' has been found in both 'src/initAppReact.js' and in the DEP5 file located at '.reuse/dep5'. The information for these two sources has been aggregated. In the future this behaviour will change, and you will need to explicitly enable aggregation. See <https://github.com/fsfe/reuse-tool/issues/779>. You need do nothing yet. Run with `--suppress-deprecation` to hide this warning.
  warnings.warn(
/opt/venv/lib/python3.10/site-packages/reuse/project.py:224: PendingDeprecationWarning: Copyright and licensing information for 'src/redux/credentials/utils.js' has been found in both 'src/redux/credentials/utils.js' and in the DEP5 file located at '.reuse/dep5'. The information for these two sources has been aggregated. In the future this behaviour will change, and you will need to explicitly enable aggregation. See <https://github.com/fsfe/reuse-tool/issues/779>. You need do nothing yet. Run with `--suppress-deprecation` to hide this warning.
  warnings.warn(

They were all similar, I picked an excerpt so that it does not flood this issue.

[TeresaCommits]

Thanks for the heads up @dellagustin-sap. I will align with the team

[TeresaCerdeiraSAP]

Hi @dellagustin-sap , I was discussing the issue with the team.
Can you confirm there is no action needed because the information was aggregated this time?
" You need do nothing yet. Run with --suppress-deprecation to hide this warning."
Should this "--suppress-deprecation" be done by you?
Thanks and happy Friday!

[dellagustin-sap]

Hello @TeresaCerdeiraSAP , there is no immediate action necessary, we don't need, or even can suppress this warnings as the information is coming from a 3rd party service.
What you need to consider is that in the future this warning may become an error.
It is not a big deal though, as I see now, the last update on fsfe/reuse-tool#779, referenced in the warning, is from June 22 and this topic seems to be stale there.
The waning happens because you have license information both at the .reuse/dep5 and the headers of the files.
As long as they do not conflict, this should not be a big problem.

[TeresaCerdeiraSAP]

Ok, we will have it in mind for the future 🙂Thanks @dellagustin-sap