supermassive-todomvc 1.0.1-0

[clearlydefinedbot]

Type: Missing

Summary:
supermassive-todomvc 1.0.1-0

Details:
Add MIT License

Resolution:
License Url:
https://github.com/microsoft/graphitation/blob/main/LICENSE

Description:

Pull request generated by Microsoft tooling.

Affected definitions:

• supermassive-todomvc 1.0.1-0

[clearlydefinedbot]

You can review the change introduced to the full definition at ClearlyDefined.

[capfei]

If I'm reading this correctly, then it looks like this package shouldn't have been published publicly: microsoft/graphitation#154

I found this repo through the other packages, not this one. All of the other packages in the example folder have not been published and the package.json still lists it as a private package. Was MIT added last week because this was published accidentally a couple of years ago?

@ariel11 @AE49 What do you think? MIT or NONE?

[ariel11]

@capfei - well, if we go with what license information was provided in/for the package at the time it was (mistakenly) published, it would be "NONE," so I would recommend going with that.

[LSDima]

@capfei, @ariel11 I've added MIT as a license here because we got a Security Alert in our Pipeline Component Governance. I'll post below de description in case you don't have access to that:

Description
To validate the use of open source, Component Governance needs additional license information. Our tooling depends on the publicly accessible open source database ClearlyDefined for this information, and ClearlyDefined does not have information for this component. This is a rare occurrence, and requires input from you.

Please provide:

The license for this component;
A url to the license for this component;
Optionally, describe why you think this is the license for this component.
When you click "submit" Component Governance will automatically create a pull request in ClearlyDefined for the ClearlyDefined open source community to review according to these guidelines - ClearlyDefined Review Guidelines.

With your submission please keep in mind ClearlyDefined community members are not Microsoft employees, and donate their time when reviewing submissions.

If MIT is not the proper license, please help us figure out which one is as MIT is the only one I could find inside the package.

[ariel11]

If MIT is not the proper license, please help us figure out which one is as MIT is the only one I could find inside the package.

@LSDima - this is a public open source project. Please contact your internal support if you have license or security questions. As for the curation of this component, ClearlyDefined simply reports the license info provided with/in the package. Where did you find MIT inside this package?

[LSDima]

If MIT is not the proper license, please help us figure out which one is as MIT is the only one I could find inside the package.

@LSDima - this is a public open source project. Please contact your internal support if you have license or security questions. As for the curation of this component, ClearlyDefined simply reports the license info provided with/in the package. Where did you find MIT inside this package?

Very sorry, I've meant the repo, not the package: https://github.com/microsoft/graphitation/blob/main/LICENSE.

[freiksenet]

Hi! I'm the maintainer of the repository. The whole repository is licensed as MIT, therefore examples are MIT too, even if they are not published.

[ariel11]

@freiksenet - OK, great - with your confirmation that you meant for the [published NPM package] (https://www.npmjs.com/package/supermassive-todomvc/v/1.0.1-0) to also be MIT licensed (as the published package has no license information at all or a link back to the project repo), we can add "MIT" for the package to this public license repository (ClearlyDefined). @capfei - FYI on the license confirmation from the project maintainer. Thanks!