The company I work for has a whitelist for which licenses are approved and can be imported into the company and I’m having a hard time finding the license under which the Gradle build-scan plugin is being released under.
I looked at the build scans guide and also inside the build scan jar, and found no LICENSE file at the root. I did find META-INF/LICENSE and META-INF/NOTICES but these seemed to apply to a repackaged version of Jackson.
I see that the open source portions of Gradle fall under the Apache 2.0 license, but the build-scan plugin is not open source.
To give more details, we are importing an open source product into the company that uses Gradle. That open source project depends on the build scan plugin. We run all our builds in a sandbox that doesn’t have network access and we specifically tell Gradle to run in offline mode which means that the build scan plugin is being disabled but still linked into the build.
It is unfortunate that the plugin and the service are both covered by the TOS.
What do you mean by importing an open-source product? Do you use the binary of an open-source project as a dependency in your build, or did you clone an open-source project and build it yourself? Assuming the latter is the case, why not just remove the build scan plugin from the build?
What is the matter for you with the TOS of the build scan plugin?
It is the latter, we clone an open-source project and build it ourselves using Gradle internally.
We can remove the build scan plugin ourselves but would like to not have to modify the open source projects build files just in-case it alters the build outcome in some way. It also adds some maintainability issues whenever the build files change as we may need to alter.
The TOS would need to go through legal review within the company before it can be imported since it is not on an approved whitelist of accepted licenses like (Apache License 2.0, BSD, Creative Commons Attribution, …). I’m not a lawyer and don’t know whether it would be accepted or not. I can start the process internally but will need to work around till legal gets back to me.
Thanks for the details. Given we have no plans to change the TOS, you will have to find another way to deal with your current open-source project scenario.