Uploaded image for project: 'Build'
  1. Build
  2. BUILD-324

Check supplemental model in current bundle and update if necessary

    XMLWordPrintable

Details

    • Task
    • Resolution: Unresolved
    • Neutral
    • None
    • None
    • None
    • None
    • 2

    Description

      We bundle some software libraries that are credited to an "unknown organization".  https://nexus.magnolia-cms.com/service/local/repositories/magnolia.enterprise.snapshots/archive/info/magnolia/eebundle/magnolia-enterprise-pro-demo-webapp/6.0-SNAPSHOT/magnolia-enterprise-pro-demo-webapp-6.0-20181112.124029-551.war/!/NOTICE.txt

      Issue and risk: Magnolia clients need to ensure that the software they use is compliant with the client's policies, for example that all software is open source (OSS). If we don't provide license and ownership information to support such checks then there might be room for "infringement", say an artifact has no OSS-compatible license.

      In the NOTICE.txt file we provide license information for all software libraries, so we are OK, but the creator organization is missing for some. It is good practice to fill the organization too, but not critical.

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                Unassigned Unassigned
                fgrilli Federico Grilli
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:

                  Checklists

                    Task DoR