Linux Foundation License Scan report
Project: acumos
Subproject: (all subprojects)
Snapshot on: 2020-01 (show repos)
Subproject: (all subprojects)
Snapshot on: 2020-01 (show repos)
| acumos-azure-client | c26ad1c3 |
| acumos-c-client | 50cf135c |
| acumos-java-client | 7d4a9a06 |
| acumos-nexus-client | 1bd9cdd4 |
| acumos-python-client | 3f7aabc0 |
| acumos-r-client | 20d7ab29 |
| common-dataservice | 1655629d |
| common-dataservice/config-management | 311b9ee0 |
| databroker | 0105b871 |
| databroker/data-streamer | 1861b7e7 |
| databroker/dataset | 1811fbc4 |
| design-studio | ae3cba93 |
| docker-proxy | eef832ff |
| documentation | 6f2dd0e4 |
| face-privacy-filter | 0a3a8011 |
| federation | 05e69071 |
| generic-model-runner | 7d403418 |
| h2o-toolkit | ec31bedc |
| image-classification | 70e1d6a1 |
| image-mood-classifier | cbaac7f0 |
| kubernetes-client | beba4e70 |
| license-manager | e29aab79 |
| license-usage-manager | a184e23e |
| message-handling | 889745ca |
| microservice-generation | 6d61a6a6 |
| model-builder/h2o-model-builder | f06e6f4e |
| model-deployments/deployment-client | 668efbb0 |
| model-deployments/predictor-management | 08d757b0 |
| model-runner/h2o-model-runner | 794e614e |
| model-runner/rds-model-runner | 7a771011 |
| model-schema | 447559d6 |
| modeling-toolkit | c9776cf5 |
| on-boarding | 8d808367 |
| on-boarding/model-management | 05879af1 |
| openstack-client | 15bb54f2 |
| platform-oam | 3676e6d5 |
| platform-orchestration | 325857a7 |
| portal-marketplace | 69610db4 |
| proto-viewer | 36a336a7 |
| python-dcae-model-runner | f9574de3 |
| python-model-runner | faa0893d |
| runtime-orchestrator | 1c7ceaf9 |
| security-verification | 68a44c44 |
| spark-model-runner | 9ce47578 |
| system-integration | cb51a41e |
| test-automation | 4b368409 |
| test-models | 81a4bb02 |
| threat-analytics | a32255b1 |
| training | 2fee660b |
| vm-predictor | 13d4bc35 |
| workbench | 510ad82c |
| workbench/zeppelin | 36e9798b |
Key findings:
| Finding #1 |
| Priority: Very High |
|
This file indicates that sample images are provided only for testing and demonstration purposes, and are not authorized for sale or redistribution outside of this context. This statement, and the images it refers to, should be relicensed by the copyright holder under the Acumos project licenses, or else they should be removed from the repo.
|
| 1 file (show files) |
|
image-mood-classifier/web_demo/image-mood-classes.html
|
| Finding #2 |
| Priority: Very High |
|
This file indicates that sample videos may carry additional copyright restrictions and are not meant for public resale or consumption. This statement, and the videos it refers to, should be relicensed by the copyright holder under the Acumos project licenses, or else they should be removed from the repo.
|
| 3 files (show files) |
|
face-privacy-filter/docs/tutorials/demonstration.rst
image-classification/docs/tutorials/demonstration.rst image-mood-classifier/docs/tutorials/demonstration.rst |
| Finding #3 |
| Priority: High |
|
The version of this component in the repo is licensed under Facebook's old BSD-plus-PATENTS statement, which many see as problematic. I recommend either moving to a newer version of the applicable code that uses a standard open source license, if there is one; or else using an alternative component under a more appropriate license otherwise.
|
| 2 files (show files) |
|
portal-marketplace/acumos-portal-fe/src/main/webapp/app/acu-compose/js/css-layout.js
portal-marketplace/acumos-portal-fe/src/main/webapp/app/acu-compose/js/yoga-layout.js |
| Finding #4 |
| Priority: Medium |
|
This file appears to contain a list of dependencies (and corresponding licenses) originating from Apache Zeppelin. Can you confirm that none of the components listed in this file are contained within the repo itself, and that all of these are build-time dependencies?
|
| 1 file (show files) |
|
workbench-zeppelin/LICENSE
|
| Finding #5 |
| Priority: Low |
|
This package.json NPM manifest lists the license as just "Apache", without specifying a version number. There are multiple versions of Apache licenses with significantly different effects. I recommend updating this to say "Apache-2.0" to be more specific which version applies.
|
| 17 files (show files) |
|
workbench/dashboard-webcomponent/api/package.json
workbench/dashboard-webcomponent/package.json workbench/home-webcomponent/api/package.json workbench/home-webcomponent/component/package.json workbench/home-webcomponent/package.json workbench/notebook-catalog-webcomponent/api/package.json workbench/notebook-catalog-webcomponent/package.json workbench/notebook-webcomponent/api/package.json workbench/notebook-webcomponent/package.json workbench/pipeline-catalog-webcomponent/api/package.json workbench/pipeline-catalog-webcomponent/package.json workbench/pipeline-webcomponent/api/package.json workbench/pipeline-webcomponent/package.json workbench/project-catalog-webcomponent/api/package.json workbench/project-catalog-webcomponent/package.json workbench/project-webcomponent/api/package.json workbench/project-webcomponent/package.json |
License summary:
| Project licenses: | ||||
| Apache-2.0 | 3319 | |||
| Apache-2.0 (ASF header) | 11 | |||
| Apache-2.0 AND CC-BY-4.0 | 12 | |||
| CC-BY-4.0 | 1728 | |||
| Use restrictions: | ||||
| Apache-2.0 AND Testing-Demonstration-only-1 | 1 | |||
| CC-BY-4.0 AND LicenseRef-Sample-Video-Restrictions-1 | 3 | |||
| Wrong license statement: | ||||
| Apache (version unspecified) | 17 | |||
| Weak Copyleft: | ||||
| List of dependency licenses (CDDL-1.0 AND CDDL-1.1 AND EPL-1.0 AND MPL-1.1 AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC0-1.0 AND Jython AND MIT AND OFL-1.1 AND WTFPL AND Public domain statement) | 1 | |||
| Attribution: | ||||
| Apache-2.0 AND BSD-2-Clause-FreeBSD | 1 | |||
| Apache-2.0 AND CC-BY-4.0 AND MIT AND OFL-1.1 | 1 | |||
| Apache-2.0 AND MIT | 1 | |||
| BSD-3-Clause | 19 | |||
| BSD-3-Clause AND MIT | 1 | |||
| CC-BY-4.0 AND MIT AND OFL-1.1 | 2 | |||
| MIT | 137 | |||
| Other: | ||||
| Apache-2.0 AND MIT AND OFL-1.1 | 1 | |||
| Apache-2.0 AND OFL-1.1 | 1 | |||
| Facebook BSD-3-Clause + PATENTS | 2 | |||
| OFL-1.1 | 16 | |||
| Unlicense | 1 | |||
| No license found: | ||||
| No license found in file | 1076 | |||
| No license found in file - excluded file extension | 1669 | |||
| No license found in file - empty file | 46 | |||
| No license found in file - third party directory | 67 | |||
| TOTAL | 8133 | |||
Counts are numbers of files detected in the scanned repos.
Please contact Steve Winslow (swinslow@linuxfoundation.org) with any questions, comments, etc. regarding this report.