Fix and optimize license check workflow logic by rauljzortega · Pull Request #1492 · EESSI/software-layer

rauljzortega · 2026-05-04T11:05:37Z

Fix logic in check_licenses.yml to prevent errors in merge/push events.

ocaisa · 2026-05-05T07:36:54Z

I'm looking at some of the results from the licenses check and wondering why the CI is not failing for them:

...
Underworld:
  2.16.4:
    License: not found
    Permission to redistribute: false
    Retrieved from: not found
aiohttp:
  3.9.5:
    License: not found
    Permission to redistribute: false
    Retrieved from: not found
debugpy:
  1.8.1:
    License: not found
    Permission to redistribute: false
    Retrieved from: https://aka.ms/microsoft/debugpy/blob/main/LICENSE
deprecation:
  2.1.0:
    License: not found
    Permission to redistribute: false
    Retrieved from: not found
ipywidgets:
  8.1.2:
    License: Other
    Permission to redistribute: false
    Retrieved from: https://jupyter.org/
jupyter-server:
  2.14.0:
    License: Other
    Permission to redistribute: false
    Retrieved from: https://jupyter.org/
...

all of these are clearly a problem, but the CI is not flagging them at all.

ocaisa · 2026-05-05T07:42:37Z

Ah, I see it generates a patch file...but perhaps it should actually fail when we do not have permission to redistribute and provide advice about what to do? The current CI will never fail, so no-one will pay attention to problems being introduced.

ocaisa · 2026-05-05T08:02:27Z

Also, ipywidgets is BSD 3-Clause which is the common licence for Jupyter, why is it picking up Other?

hvelab · 2026-05-11T08:40:29Z

Ah, I see it generates a patch file...but perhaps it should actually fail when we do not have permission to redistribute and provide advice about what to do? The current CI will never fail, so no-one will pay attention to problems being introduced.

This is the idea for when the results are more stable to not have now a failing CI all the time.

Also, ipywidgets is BSD 3-Clause which is the common licence for Jupyter, why is it picking up Other?

I suspect on the way to parse the packages, as it's not the same for a repository than for a package, and Underworld is a repository but all the dependencies are Python packages, so the way to go fetch the license can results in mistmatches like this. Good news though, while checking how to solve it I found out that ecosyste.ms released a new API for license fetching!: https://licenses.ecosyste.ms/docs/index.html

We will give it a try and update the pipeline, it could solve this particular issue

rauljzortega added 3 commits May 4, 2026 12:54

fix workflow errors in check_licenses.yaml

6072e61

add easystacks for testing purposes

0c6949e

fix logic to accumulate missing modules results from multiple easystacks

f78dde0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix and optimize license check workflow logic#1492

Fix and optimize license check workflow logic#1492
rauljzortega wants to merge 3 commits into
EESSI:mainfrom
rauljzortega:licenses

rauljzortega commented May 4, 2026

Uh oh!

ocaisa commented May 5, 2026

Uh oh!

ocaisa commented May 5, 2026

Uh oh!

ocaisa commented May 5, 2026

Uh oh!

hvelab commented May 11, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

rauljzortega commented May 4, 2026

Uh oh!

ocaisa commented May 5, 2026

Uh oh!

ocaisa commented May 5, 2026

Uh oh!

ocaisa commented May 5, 2026

Uh oh!

hvelab commented May 11, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants