Feature: Allow excluding projects with non-OSI approved licenses #126
Comments
|
Since this could omit legitimate open source contributions, perhaps it should output a list of people that were omitted, along with the repos they contributed to. That way, those repos could be checked to see if they list the wrong license. Also, a follow-on feature (which should be a separate issue) would be to allow configuring a list of other licenses that should be considered eligible, to handle non-OSI licenses that are still considered open source by whoever is running starfish. |
|
When #104 is implemented, it will also be looking at whether or not a repo has a license. My thought is that we'll see which one of these two issues gets implemented first, and then probably reuse the list of repos-without-a-license. +1 to the idea above of outputting a list of the contributions that are omitted based on this feature. |
danisyellis
added
Hacktoberfest
up-for-grabs
I believe the GitHub API can return the license for a given repo. OSI runs a server that lists approved licenses (https://github.com/OpenSourceOrg/api/blob/master/doc/endpoints.md). For each contribution, I think we could determine the license for the associated repo, and see if that is in the (current) list of OSI approved licenses. If it is not, we could ignore that contribution as we consider whether this user has made a contribution.
This should be optional, controlled by a configuration setting, with the default of using the current behavior (not filtering based on OSI license).
The text was updated successfully, but these errors were encountered: