GuicedEE / Services

A collection of all the services repackaged with module-info files
GNU General Public License v3.0

Illegal New License? #70

Open robert-gdv opened 3 months ago

robert-gdv commented 3 months ago

This repository contains many libraries repackaged and published in maven central.

But this project declares a different license (GPLv3.0) than many of the included projects. GPLv3.0 is also intentionally not used for many projects because it renders the libraries practically unusable.

I doubt that you have the permission to republish their content with a different license.

This is also true for all the maven packages flagged as GPLv3.0.

e.g.:
https://mvnrepository.com/artifact/org.primefaces/primefaces/12.0.0 - MIT
https://mvnrepository.com/artifact/com.guicedee.services/primefaces/1.2.1.1-jre17 - GPLv3

Technically this causes an issue for my vulnerability scanner, because files in this repository are now paranoidly flagged as GPLv3.0, even if they were published with a "nicer" license by their original projects.

GedMarc commented 3 months ago

Hmm, they are repackaged as shades on the original, no more than any other shading library in the same. The shade, I do believe, is meant to merge the licenses and include them all.

V1 also closed; PrimeFaces isn't being brought into v2, in favor of modular alternatives :)

If you do find any legit misses though definitely please let me know, I'll check on the v2 snapshots to make sure it's being correctly 👍 Any assistance on correcting would also be greatly appreciated 👏

robert-gdv commented 3 months ago

There seems to be a structural problem: Some more bad licenses after a quick browse:
https://mvnrepository.com/artifact/com.guicedee.services/undertow-core/1.2.2.1 -> GPL3.0
https://mvnrepository.com/artifact/io.undertow/undertow-core/2.3.13.Final -> Apache 2.0

https://mvnrepository.com/artifact/com.guicedee.services/commons-lang3/1.2.2.1 -> GPL3.0
https://mvnrepository.com/artifact/org.apache.commons/commons-lang3 -> Apache 2.0

Maybe the issue arises because this repository is tagged as GPL3.0 and then taken as "default"? It might be more helpful if you split the repository. That way you could individually flag them with the correct license.

But I have no idea and I am not using your lib. I am just seeing issues popping up elsewhere because of your unintended re-licensing with the "complicated" GPLv3.0.
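
The "taken as default" guess in the last comment corresponds to how Maven treats `<licenses>`: a module that declares none inherits the parent's. The check below is an added example, not code from this repository or from any commenter. It resolves the effective license of a repackaged POM and reports upstream licenses its metadata no longer states. The three POMs are constructed samples, and the artifact names and alias table are assumptions.

```python
import xml.etree.ElementTree as ET

NS = 'xmlns="http://maven.apache.org/POM/4.0.0"'
# Constructed sample POMs (not the real GuicedEE or upstream files).
PARENT_POM = f"""<project {NS}><artifactId>example-parent</artifactId>
  <licenses><license><name>GNU General Public License v3.0</name></license></licenses>
</project>"""
SHADED_POM = f"""<project {NS}><artifactId>example-shaded-lib</artifactId>
  <parent><artifactId>example-parent</artifactId></parent>
</project>"""
UPSTREAM_POM = f"""<project {NS}><artifactId>example-lib</artifactId>
  <licenses><license><name>MIT License</name></license></licenses>
</project>"""

# Small alias table (assumption); extend it for the names your scanner sees.
ALIASES = {"gnu general public license v3.0": "GPL-3.0", "mit license": "MIT",
           "apache license, version 2.0": "Apache-2.0"}

def _local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the "{namespace}" prefix

def declared_licenses(pom_xml):
    """License names from the top-level <licenses> of one POM."""
    names = []
    for section in ET.fromstring(pom_xml):
        if _local(section.tag) != "licenses":
            continue
        for field in section.iter():
            if _local(field.tag) == "name" and field.text:
                names.append(field.text.strip())
    return names

def effective_licenses(pom_xml, parent_pom_xml=None):
    """Maven inherits <licenses> from the parent when the child declares none."""
    own = declared_licenses(pom_xml)
    return own if own or parent_pom_xml is None else declared_licenses(parent_pom_xml)

def license_drift(repackaged_pom, upstream_pom, parent_pom=None):
    """Upstream licenses that the repackaged artifact's metadata no longer states."""
    norm = lambda n: ALIASES.get(n.lower(), n)
    ours = {norm(n) for n in effective_licenses(repackaged_pom, parent_pom)}
    theirs = {norm(n) for n in declared_licenses(upstream_pom)}
    return {"repackaged": sorted(ours), "dropped": sorted(theirs - ours)}

if __name__ == "__main__":
    print(license_drift(SHADED_POM, UPSTREAM_POM, PARENT_POM))
```

A non-empty `dropped` list is the condition a license scanner reports for the repackaged coordinates; declaring the upstream license in the module's own `<licenses>` block clears it.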