diff options
| -rw-r--r-- | contributors/devel/sig-architecture/godep.md | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/contributors/devel/sig-architecture/godep.md b/contributors/devel/sig-architecture/godep.md index 4b10a7d5..fc748b10 100644 --- a/contributors/devel/sig-architecture/godep.md +++ b/contributors/devel/sig-architecture/godep.md @@ -244,6 +244,16 @@ When importing a new dependency, be sure to keep an eye out for the following: - Does the dependency have a license that is compatible with the Kubernetes project? +Additionally: +- Look at the godeps file. Check that the only changes are what the PR claims + them to be. +- Check if there is a tagged release we can vendor instead of a random hash +- Scan the imported code for things like init() functions +- Look at the Kubernetes code changes and make sure they are appropriate + (e.g. renaming imports or similar). You do not need to do feature code review. +- If this is all good, approve, but don't LGTM, unless you also do code review + or unless it is trivial (e.g. moving from k/k/pkg/utils -> k/utils). + All new dependency licenses should be reviewed by either Tim Hockin (@thockin) or the Steering Committee (@kubernetes/steering-committee) to ensure that they are compatible with the Kubernetes project license. It is also important to note |