-
Sub-task
-
Resolution: Done
-
Highest
-
None
-
None
-
None
Per Steve Winslow:
I wanted to circle back with a finding in the oparent project for your attention. This relates to the edu.washington.cs.types.checker:checker-framework:1.7.0 dependency, which is used by oparent but is pulled in at build time (so it shows up in the Nexus IQ scans rather than the codebase scans).
The checker-framework POM [1] and website [2] indicate that it is under the GPL-2.0 license with Classpath exception. This is a license that the ONAP TSC and Legal Subcommittee have generally wanted to avoid.
However, their website also indicates that the MIT license applies to the actual code that is intended for inclusion in programs, such as the annotations and run-time utility classes. I believe other ONAP repos have handled this by switching to use a different package that contains just those parts of checker-framework – from my notes I believe checker-compat-qual might be one that they've used, but I am not familiar enough with the framework to confirm.
Would oparent be able to remove checker-framework, and/or replace it with just the portion that is under the MIT license?