#2349 add a spdx compliant license, organization and scm information to the created pom of published mbeddr artifacts

mbeddr / mbeddr.core

The mbeddr core. An extensible C

Eclipse Public License 2.0

224 stars 77 forks source link

#2349 add a spdx compliant license, organization and scm information to the created pom of published mbeddr artifacts #2350

Closed KemalSoysal closed 9 months ago

KemalSoysal commented 9 months ago

Scanning projects for secure bill of materials (SBOM) is faciliated by the providing SPDX compliant license, organization and source code information.

The modification on the build scripts enhance the created pom.xml by the information.

The users of the platform will benefit from the additional information by using automated processes that analyze the pom.xml in their projects.

KemalSoysal commented 9 months ago

We are currently in the process of relicensing mbeddr based on customer requests. We probably switch to EPL 2.0 without a secondary license. Can you please use the 2.0 version? Thanks.

Please wait with the merging.

When the decision has been made, a change can be introduced by cherry-picking the commit for EPL-2.0. I will not delete the original branch.