cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
sewechad
Level 4

Open Source Frameworks Identification

The automated component detection only identifies sub-components of a larger development framework. For example, our developers may be using Spring Boot framework, Angular 7 framework, etc. and CodeInsight will find 100+ sub-components and provide no hierarchy information for which components belong to the larger framework. This causes our analysts to waste a lot of effort researching the license of the sub-component.

 

The product should provide a method for establishing a license component hierarchy (see examples below) for complex open source frameworks so that we don’t have to waste a lot of effort researching obscure sub-component licenses.

 

Apache CXF (Apache 2.0)

                Component 1 (MIT)

                WSDL4J (CPL) à Weak Copyleft but follows ASF policy guidelines to only include binary file

 

Spring Boot (Apache 2.0)

                Component 1 (MIT)

                …

                Component 100 (CPPL)

 

Angular 7 JavaScript Framework (MIT)

                Node package 1 (MIT)

                …

Node package 1000 (???)

(1) Reply
tphamda
Revenera
Revenera

Hi @sewechad,

We sincerely apologize for our lack of response. Going forward, we will be making a concerted effort to respond to all forum questions in a timely manner as well as responding to all previously asked questions on our forum. If you or someone else still has this question, here is our response:

Your request would likely require a large enhancement to our product. I would recommend opening a new support case to further discuss the enhancement with us.

0 Kudos