jdaugherty commented on code in PR #15530:
URL: https://github.com/apache/grails-core/pull/15530#discussion_r3035061888
##########
build-logic/plugins/src/main/groovy/org/apache/grails/buildsrc/SbomPlugin.groovy:
##########
@@ -95,7 +103,12 @@ class SbomPlugin implements Plugin<Project> {
'pkg:maven/com.oracle.coherence.ce/[email protected]?type=pom': 'UPL-1.0',
// does not have map based on license id
'pkg:maven/com.oracle.coherence.ce/[email protected]?type=pom': 'UPL-1.0',
// does not have map based on license id
'pkg:maven/opensymphony/[email protected]?type=jar'
: 'OpenSymphony', // custom license approved by legal LEGAL-707
- 'pkg:maven/org.jruby/[email protected]?type=jar'
: 'BSD-3-Clause'//
https://web.archive.org/web/20240822213507/http://www.jcraft.com/jzlib/LICENSE.txt
shows it's a 3 clause
+ 'pkg:maven/org.jruby/[email protected]?type=jar'
: 'BSD-3-Clause', //
https://web.archive.org/web/20240822213507/http://www.jcraft.com/jzlib/LICENSE.txt
shows it's a 3 clause
+ 'pkg:maven/org.jboss/[email protected]?type=pom'
: 'CC0-1.0', // upstream declares Public Domain with CC0 URL but no SPDX id
+
'pkg:maven/org.hibernate.tool/[email protected]?type=jar' :
'LGPL-2.1-only', // upstream pom does not expose SPDX id
+
'pkg:maven/org.hibernate.orm/[email protected]?type=jar':
'LGPL-2.1-only',
+
'pkg:maven/org.hibernate.tool/[email protected]?type=jar' :
'LGPL-2.1-only', // upstream pom does not expose SPDX id
Review Comment:
Same as above?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
