CopilotKit icon indicating copy to clipboard operation
CopilotKit copied to clipboard
Published 3 months ago verified publisher icon CopilotKit

🐛 Bug: Unable to procure v1.50.0 due to licence issue in @ag-ui/* dependencies

Open erowan opened this issue 3 months ago • 1 comments

♻️ Reproduction Steps

Hello I am trying to procure copilotkit into a corporate environment which maintains its own repos. The procurement process scans libs for vulnerabilities and checks that they hold a valid open source licence. The licence check for these dependencies has failed. We will not be able to bring copilot kit into the firm and evaluate it unless this is resolved.

@copilotkit/[email protected]

The following dependencies are Unknown to AMS:

  1. "Dependency - @ag-ui/client:0.0.42; License - Unknown; Status - Unknown; Designation - Unknown; Message - "

  2. "Dependency - @ag-ui/core:0.0.37; License - Unknown; Status - Unknown; Designation - Unknown; Message - "

  3. "Dependency - @ag-ui/core:0.0.42; License - Unknown; Status - Unknown; Designation - Unknown; Message - "

  4. "Dependency - @ag-ui/encoder:0.0.42; License - Unknown; Status - Unknown; Designation - Unknown; Message - "

  5. "Dependency - @ag-ui/langgraph:0.0.20; License - Unknown; Status - Unknown; Designation - Unknown; Message - "

  6. "Dependency - @ag-ui/proto:0.0.42; License - Unknown; Status - Unknown; Designation - Unknown; Message - "

...

✅ Expected Behavior

A working procurement

❌ Actual Behavior

It failed as noted above

𝌚 CopilotKit Version

1.

📄 Logs (Optional)

1.50.0

erowan avatar Dec 15 '25 17:12 erowan

Hi @erowan!

The packages are created in the AG-UI repo: https://github.com/ag-ui-protocol/ag-ui

It is MIT licensed. Any clue why the internal scanner wouldn't be able to find it?

tylerslaton avatar Dec 15 '25 22:12 tylerslaton