react-overlays flagged by legal/compliance scan because of dependency 'uncontrollable' #1036

Open
ghost opened this issue Apr 21, 2023 · 0 comments


ghost commented Apr 21, 2023

Not a feature but more of a kind of request...

This package has 'uncontrollable@7.2.1' as a direct dependency.

Some organizations do not accept any code that has any reference to React's BSD license.

Since 2017, Facebook/React does not have a BSD license anymore, but an MIT license.

Uncontrollable, at file utils.js, on line 54, has a comment with a copy of the old React BSD copyright notice.

Packages that rely on Uncontrollable are being flagged in compliance scans because of the outdated copyright notice. Even packages that don't have it as a direct dependency are being flagged if they have react-overlays as a dependency (like react-bootstrap-typeahead, for example).

Solution

I've already raised an issue with the Uncontrollable maintainers, asking them to change the mention of a BSD license to an MIT license.

If they're responsive, please try to reach them and ask them to release a new, updated version and update the version in your package.

Alternative

Use an alternative to Uncontrollable.

ghost changed the title from "react-overlays flagged by legal/compllicance scan because of dependency 'uncontrollable'" to "react-overlays flagged by legal/complliance scan because of dependency 'uncontrollable'" on Apr 21, 2023

ghost changed the title from "react-overlays flagged by legal/complliance scan because of dependency 'uncontrollable'" to "react-overlays flagged by legal/compliance scan because of dependency 'uncontrollable'" on Apr 21, 2023