Light Platform License

Open Source License

Most of the open-source repositories in networknt GitHub organization are released under the Apache 2.0 license or MIT license except json-overlay and openapi-parser, which are released under EPL 2.0 and EPL 1.0 license.

To provide IP Infringement Indemnity to our customers, we have thoroughly reviewed licenses and update all license/copyright headers in each source file for our open-source repositories.

Here is a list of actions we have done in general.

• Made sure we have a LICENSE file in each repository to state the open source license clearly.
• Added NOTICE files in each repository to clearly state the license and copyright of dependencies.
• Updated source code to add license/copyright in the header.
• For redistributed source code from the third-party open-source project, made sure that the correct license and copyright header are in each file. Corrected the license based on the parent project if necessary.
• Updated the contribution guideline to ensure that the license, copyright and author are in each source file.

Here are all the related commits in each repository for auditing purposes.

light-4j

https://github.com/networknt/light-4j/commit/d26ed1d71ab7877a6cffebc9886481912c43e9de https://github.com/networknt/light-4j/commit/3b71ba837d16fb66d924810b011925ecc219a5b1 https://github.com/networknt/light-4j/commit/20259cabcb327a85cfb081fec35d28b09e72ca56 https://github.com/networknt/light-4j/commit/81cb3eef8b7f0955ac6582bc86196e05e5f2ef63 https://github.com/networknt/light-4j/commit/576e8ef6aabc14a83fb58b9568bad7ca5ccf3e4c

json-overlay

https://github.com/networknt/json-overlay/commit/361b5ed22e8432855a9022693934b9775cb5699e https://github.com/networknt/json-overlay/commit/7b16638931ce6f3cc312c75b02ae86775f271a93

openapi-parser

https://github.com/networknt/openapi-parser/commit/bdb8ed88e26ba6fdc4e9e4712119f06255626dd6 https://github.com/networknt/openapi-parser/commit/56bfcc3128ebb1e0cbdd6599edb1f772faf1f260

light-rest-4j

https://github.com/networknt/light-rest-4j/commit/470a92fe6aa00ee5c84fba09bae19563e46920c7 https://github.com/networknt/light-rest-4j/commit/0dd2e564ee96ae182971fad6e3efc9ebda0ab63c https://github.com/networknt/light-rest-4j/commit/97465950bb6f0402fe747a2d05be3b18f31acad1

json-schema-validator

https://github.com/networknt/json-schema-validator/commit/a000f78e3cb6da71159a3c35d25e124ccf47c599

light-spa-4j

https://github.com/networknt/light-spa-4j/commit/f28be07bb757405385b8dfdc3bc29e4acc696b50

light-router

https://github.com/networknt/light-router/commit/2955b3a7b8c679006270f0b795a4f8c16c9661ba

light-proxy

https://github.com/networknt/light-proxy/commit/05d50403569e3b71ee7ee624344d23122a610972

light-consumer-4j

https://github.com/networknt/light-consumer-4j/commit/1498a9a56b1e9bbc6872b1fdb16b09a00a766a4b

Commerical License

Some of the private commercial components have dependencies on proprietary libraries; however, customers who are using these commercial components already have the proper licenses. For example, we have a private project light-mq for IBM MQ integration, which depends on the MQ java client. We assume that customers who are using light-mq have the proper license from IBM.