- ABP Framework version: v5.3.3
- UI type: MVC
- DB provider: EF Core
- Tiered (MVC): yes
Hello all,
We've been trying to make our OSS clearing. Our OSS clearing team have found @transloadit/prettier-bytes package which has a confusing license issue and said that it could be risky to use it for customers since it has AGPL license. When I look into the package-lock.json file of xx.IdentityServer project, I can see that it comes from @volo/account not directly but it's subcomponents.
When I examine the source code of the package, I see that the main source code has AGPL-v3 license. But when I go the packages folder and find the prettier-bytes folder, it is written as MIT license. https://github.com/transloadit/monolib/tree/%40transloadit/prettier-bytes%400.0.7. Also, when I search it on npm, I can confirm that it has MIT license for this version. Our team thinks that AGPL license overwrites MIT since the main source code has AGPL license. I know it is a strange case but I want to know your opinion or approach. We don't want to open our repository to public, of course. Is it safe to use it for end customers? What do you think about this issue?
1 Answer(s)
-
0
hi
Im not sure. I suggest you create an issue to confirm this.
https://github.com/transloadit/monolib