RE: Universal Package has no license field in metadata

Hi @stevedennis,

thanks for your reply, it would be really nice if this feature could be implemented. We would chat about this with our point of contact.

Thanks,
Florian

Hi there,

are there any possibilities to promote a package (internal feed) to next feed if the build is promoted?

The reason for this question is that my idea for a good workflow would be as followed:

• Developer commit changes in VCS
• CI-System builds and
  • upload package to feed universal-build
  • creates new build in proGet with previously uploaded package in state Build
• If the package will be tested the test-engineer could promote the build to state Test
  • now it would be nice if the packages (possible configurable) also would be promoted to another feed

Actually we should start a lookup for each package in the Package in the Build after promotion and should promote each Package manually (over Web-UI or pgutil-CLI) to another feed.

Would this be a possible workflow solution or there any other suggestions to work with package/build/promotion?

Best regards,
Florian

Hi there,

after evaluating a Conan Feed in ProGet it saw a confusing thing in the detection.
First of all I configured the License Check in System as follows:

• General -> Undetectable rule: Warn
• Compliant -> "Empty"

I created a really simple Conan Recipe which only defines some basic parameters (no files added):

class BasicConanfile(ConanFile):
    name = "test"
    version = "1.0"
    description = "A test recipe"
    license = "Apache-2.0"

After creating this and upload it to the Conan-Feed, I get the following correct information from Proget (Package Overview):

⛔ Package is Noncompliant
This package analysis resulted in a Noncompliant result because of an Unacceptable License (Apache-2.0).

Now I added Apache-2.0 to the Compliant Licenses and get the following information from Proget (Package Overview):

⚠ Warning: Use with Caution
No license detected

The Metadata for this Package shows me the following

License: 	None, Known type (Apache-2.0)

so I added the Apache-2.0 License-File to my sources of the Conan-Recipe and reuploaded it but the message from Proget is the same:
(Package Overview):

⚠ Warning: Use with Caution
No license detected

But the Metadata for this Package now shows me the following

License: 	SPDX Expression (Apache-2.0), Known type (Apache-2.0)

Could you check this?

Best regards
Florian

Hi there,

we are currently evaluating the use of Proget and found a possible limitation for our use case which referes to universal packages.

We have some kind of components which are build with third-party components (Licensed under MIT, Apache or so) or closed-source components.
The built components should be stored in a universal package, because it does not feed in a another package type (conan, rpm, deb, ...). It would be really nice if this package would show which licenses are involved in the build so that the Manager could check if all used licenses are compliant.

The third-party components could be something like the SoC-Vendor SDK which not really fit into a conan package to deploy it, it would better fit into a universal package but on this we could not set the license.

Is it possible to implement this feature or there other possible ways to build this in Proget.

Best regards,
Florian