The GitHub Actions job "Required Checks" on texera.git/main has failed.
Run started by GitHub user Yicong-Huang (triggered by Yicong-Huang).

Head commit for run:
b98c863127669dbb8c4a78ce0960c78e3742db5a / Jiadong Bai <[email protected]>
chore(licensing): add --ignore-transitive-version flag and use it on PR builds (#4693)

### What changes were proposed in this PR?

This PR relaxes the per-PR license-binary check so transitive-only
version bumps no longer block unrelated PRs, while still enforcing the
parts of the check that need legal review. Sub-task implementation for
#4691; broader context in #4688.

**Script (`bin/licensing/check_binary_deps.py`).**

- New flag `--ignore-transitive-version`. Without it, behavior is
unchanged (exact match).
- Added direct-dependency loaders per ecosystem, reading the primary
requirement files:
  - `python` → `amber/requirements.txt` (PEP 503 canonical names)
  - `npm` → `frontend/package.json` (`dependencies` + `devDependencies` +
    `peer*` + `optional*`)
  - `agent-npm` → `agent-service/package.json`
  - `jar` → every `*.sbt` and `Dependencies.scala` in the repo
- Refactored the diff to surface four classes instead of just two:
  - `added` (new package not claimed) — **always fails**
  - `stale` (claimed but no longer bundled) — **always fails**
  - `drift_direct` (claimed direct dep, version changed) — **always
    fails** (a version bump can carry a license change)
  - `drift_transitive` (claimed transitive dep, version changed) — **fails
    by default; informational with `--ignore-transitive-version`**
- For jars, the script bridges sbt-native-packager's
`<groupId>.<artifactId>-<version>.jar` naming and SBT's bare artifactId
by matching the trailing artifact segment after the last `.`, with
Scala-version suffix stripping for `%%`/`%%%` libs.

**CI (`.github/workflows/build.yml`).**

- All four `check_binary_deps.py` invocations (frontend npm, jar,
python, agent-npm) now pass `--ignore-transitive-version`.

The exact-match check is preserved as the default and will be reused by
the planned nightly job (sub-task #4692) so transitive drift remains
visible and actionable on `main`.

### Any related issues, documentation, discussions?

Resolves #4691. Sibling sub-task: #4692 (nightly exact-match job).
Original report: #4688.

### How was this PR tested?

End-to-end smoke tests run locally against the real combined
LICENSE-binary built via `concat_license_binary.py` (113 python claims,
112 npm claims, 566 jar claims). For each ecosystem the four behavior
modes were exercised by mutating a synthetic `pip-licenses.csv` /
`3rdpartylicenses.json` / `lib/` directory:

Verified on the CI job:
https://github.com/apache/texera/actions/runs/25263088078/job/74073452760?pr=4693

### Was this PR authored or co-authored using generative AI tooling?

Generated-by: Claude Code (claude-opus-4-7)

---------

Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>

Report URL: https://github.com/apache/texera/actions/runs/25263687356

With regards,
GitHub Actions via GitBox
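
The four-class diff described in the commit message above, as an added example that is not the project's `check_binary_deps.py`: the function names (`canonical`, `classify`, `failing_classes`) and the sample package data are assumptions constructed for illustration.

```python
import re

def canonical(name):
    """PEP 503 canonical form: lowercase, runs of -, _ and . become one '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def classify(claimed, bundled, direct):
    """Split the claimed-vs-bundled diff into the four classes from the commit message.

    claimed / bundled: {package name: version}; direct: names of direct dependencies.
    """
    claimed = {canonical(n): v for n, v in claimed.items()}
    bundled = {canonical(n): v for n, v in bundled.items()}
    direct = {canonical(n) for n in direct}
    diff = {"added": [], "stale": [], "drift_direct": [], "drift_transitive": []}
    for name in sorted(bundled.keys() | claimed.keys()):
        if name not in claimed:
            diff["added"].append(name)       # bundled but never claimed
        elif name not in bundled:
            diff["stale"].append(name)       # claimed but no longer bundled
        elif claimed[name] != bundled[name]:
            key = "drift_direct" if name in direct else "drift_transitive"
            diff[key].append(name)
    return diff

def failing_classes(diff, ignore_transitive_version=False):
    """Non-empty classes that fail the check; the flag makes transitive drift informational."""
    always = ["added", "stale", "drift_direct"]
    gated = [] if ignore_transitive_version else ["drift_transitive"]
    return [c for c in always + gated if diff[c]]

# Constructed sample data (hypothetical, not taken from the Texera repository).
CLAIMED = {"requests": "2.31.0", "urllib3": "2.0.7", "PyYAML": "6.0.1", "six": "1.16.0"}
BUNDLED = {"requests": "2.32.0", "urllib3": "2.2.1", "pyyaml": "6.0.1", "idna": "3.7"}
DIRECT = ["requests", "PyYAML"]

if __name__ == "__main__":
    d = classify(CLAIMED, BUNDLED, DIRECT)
    print(d)
    print("exact match:", failing_classes(d))
    print("with flag:  ", failing_classes(d, ignore_transitive_version=True))
```

With the flag set, a diff that contains only transitive version drift yields no failing classes, while a new, stale or direct-drift entry still fails.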
