fix:updated the package.json file #1456

coderabbitai · 2025-09-19T05:05:06Z

⚠️ Potential issue

🧩 Analysis chain

License switch to Apache-2.0 requires repo-wide compliance updates.

Confirm legal sign‑off, update LICENSE to Apache‑2.0, add/refresh NOTICE, and scrub MIT mentions (README badges, headers). Check other packages in the repo aren’t still declaring MIT.

Run to verify:

🏁 Script executed:

#!/bin/bash set -euo pipefail echo "1) LICENSE presence and content" test -f LICENSE && rg -n "Apache License, Version 2\.0" LICENSE || echo "LICENSE missing or not Apache-2.0" echo -e "\n2) NOTICE presence (Apache recommends)" test -f NOTICE || echo "NOTICE missing" echo -e "\n3) Residual MIT references (excluding build artifacts)" rg -nI -S '\bMIT\b' -g '!**/node_modules/**' -g '!**/dist/**' -g '!**/build/**' || true echo -e "\n4) package.json files still declaring MIT" fd -t f package.json | xargs -I{} rg -n '"license"\s*:\s*"MIT"' {} || true

Length of output: 405

🏁 Script executed:

#!/bin/bash set -euo pipefail echo "1) LICENSE presence and content" if [ -f LICENSE ]; then rg -n "Apache License, Version 2.0" LICENSE || grep -n "Apache License, Version 2.0" LICENSE || echo "LICENSE present but Apache-2.0 string not found" else echo "LICENSE missing" fi echo -e "\n2) NOTICE presence (Apache recommends)" test -f NOTICE || echo "NOTICE missing" echo -e "\n3) Residual MIT references (fallback to grep, excluding common build dirs)" grep -RIn --binary-files=without-match --exclude-dir=node_modules --exclude-dir=dist --exclude-dir=build --exclude-dir=.git -E '\bMIT\b' . || echo "no MIT matches found" echo -e "\n4) package.json files still declaring MIT" find . -type f -name package.json -not -path "./node_modules/*" -not -path "./dist/*" -not -path "./build/*" -print0 | \ while IFS= read -r -d '' file; do printf "\n== %s ==\n" "$file" grep -nE '"license"[[:space:]]*:[[:space:]]*"MIT"' "$file" || true done

Length of output: 384

Add NOTICE and obtain legal sign‑off — LICENSE already Apache‑2.0

LICENSE verified to contain "Apache License, Version 2.0" (found in LICENSE).

NOTICE file missing — add a root NOTICE with required attributions.

No residual "MIT" occurrences found; checked package.json files: ./package.json, ./libs/aws/package.json, ./libs/common/package.json (none declare MIT).

Obtain and record legal sign‑off (corporate approval / CLA/DCO) before merging.

🤖 Prompt for AI Agents

In package.json around line 6, the project already uses "Apache-2.0" but is missing the required root NOTICE file and needs legal sign‑off; add a NOTICE file at the repository root containing the required Apache 2.0 attribution statements and any third‑party notices used by the project, ensure the package.json license fields remain "Apache-2.0" (and update any other metadata if necessary), and obtain and record corporate legal approval (CLA/DCO or equivalent) before merging.

-Original file line number
+Diff line change
@@ -1,9 +1,9 @@
     {
       "name": "api-gateway",
-      "version": "2.0.0",
+      "version": "2.1.0",
       "description": "CREDEBL SSI Platform API Gateway",
-      "author": "",
-      "license": "MIT",
+      "author": "LFDT",
+      "license": "Apache-2.0",
       "scripts": {
         "prebuild": "rimraf dist",
         "build": "nest build",
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix:updated the package.json file #1456

Diff view

Diff view

There are no files selected for viewing

coderabbitai bot Sep 19, 2025

Uh oh!

fix:updated the package.json file #1456

Are you sure you want to change the base?

fix:updated the package.json file #1456

Uh oh!

Uh oh!

Diff view

Diff view

There are no files selected for viewing

coderabbitai bot Sep 19, 2025

Choose a reason for hiding this comment

Uh oh!