Most of the open-source repositories in networknt GitHub organization are released under the Apache 2.0 license or MIT license except json-overlay and openapi-parser, which are released under EPL 2.0 and EPL 1.0 license.
To provide IP Infringement Indemnity to our customers, we have thoroughly reviewed licenses and update all license/copyright headers in each source file for our open-source repositories.
Here is a list of actions we have done in general.
Made sure we have a LICENSE file in each repository to state the open source license clearly.
Added NOTICE files in each repository to clearly state the license and copyright of dependencies.
Updated source code to add license/copyright in the header.
For redistributed source code from the third-party open-source project, made sure that the correct license and copyright header are in each file. Corrected the license based on the parent project if necessary.
Updated the contribution guideline to ensure that the license, copyright and author are in each source file.
Here are all the related commits in each repository for auditing purposes.
Some of the private commercial components have dependencies on proprietary libraries; however, customers who are using these commercial components already have the proper licenses. For example, we have a private project light-mq for IBM MQ integration, which depends on the MQ java client. We assume that customers who are using light-mq have the proper license from IBM.