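All, we scanned our internal code repository with the WhiteSource open source scan, and as a result opennms-26.0.0-1 was flagged as a policy violation. Investigation found that this comes from the struts-JQuery-plug-in, which is licensed under Apache 2.0; our organization's policy rejects AGPL or LGPL licenses. WhiteSource therefore shows the opennms library as a violation. Can anyone suggest a remediation? If the struts-JQuery plugin brings in AGPL-licensed JQuery script files, shouldn't the struts JQuery plugin be licensed under AGPL?
Posted on 2021-11-21 13:31:27
The S2 jQuery plugin does not depend on OpenNMS: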
➜ struts2-jquery-plugin git:(release/4.1.x) mvn dependency:tree
[INFO] Scanning for projects...
[INFO]
[INFO] ---------< com.jgeppert.struts2.jquery:struts2-jquery-plugin >----------
[INFO] Building Struts 2 jQuery Plugin 4.1.0-SNAPSHOT
[INFO] --------------------------------[ jar ]---------------------------------
[INFO]
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ struts2-jquery-plugin ---
[WARNING] The artifact xml-apis:xml-apis:jar:2.0.2 has been relocated to xml-apis:xml-apis:jar:1.0.b2
[INFO] com.jgeppert.struts2.jquery:struts2-jquery-plugin:jar:4.1.0-SNAPSHOT
[INFO] +- taglibs:standard:jar:1.1.2:test
[INFO] +- javax.servlet:jstl:jar:1.1.2:test
[INFO] +- org.apache.struts:struts-annotations:jar:1.0.6:compile
[INFO] | \- org.freemarker:freemarker:jar:2.3.11:compile
[INFO] +- org.apache.struts:struts2-core:jar:2.5.26:compile
[INFO] | +- ognl:ognl:jar:3.1.28:compile
[INFO] | | \- org.javassist:javassist:jar:3.20.0-GA:compile
[INFO] | +- org.apache.logging.log4j:log4j-api:jar:2.12.1:compile
[INFO] | +- commons-fileupload:commons-fileupload:jar:1.4:compile
[INFO] | +- commons-io:commons-io:jar:2.6:compile
[INFO] | \- org.apache.commons:commons-lang3:jar:3.8.1:compile
[INFO] +- org.apache.velocity:velocity:jar:1.5:compile
[INFO] | +- commons-collections:commons-collections:jar:3.1:compile
[INFO] | +- commons-lang:commons-lang:jar:2.1:compile
[INFO] | \- oro:oro:jar:2.0.8:compile
[INFO] +- javax.servlet:jsp-api:jar:2.0:provided
[INFO] | \- javax.servlet:servlet-api:jar:2.4:provided
[INFO] \- javax.servlet.jsp:jsp-api:jar:2.1:test
I don't know of any dependency that S2 has on OpenNMS (and that wouldn't make much sense).
https://stackoverflow.com/questions/70046934
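To trace which direct dependency pulls in an artifact that a license scanner flags, the `mvn dependency:tree` output can be parsed into root-to-artifact chains. This is an added example, not part of the original answer; `parse_tree`, `chains_to` and the sample text are constructed for illustration.

```python
import re

# Constructed sample in Maven's native layout (three characters per tree level),
# abbreviated from the kind of output shown in the answer above.
SAMPLE = r"""[INFO] Scanning for projects...
[INFO] com.jgeppert.struts2.jquery:struts2-jquery-plugin:jar:4.1.0-SNAPSHOT
[INFO] +- org.apache.struts:struts2-core:jar:2.5.26:compile
[INFO] |  +- ognl:ognl:jar:3.1.28:compile
[INFO] |  |  \- org.javassist:javassist:jar:3.20.0-GA:compile
[INFO] |  \- commons-io:commons-io:jar:2.6:compile
[INFO] \- org.apache.velocity:velocity:jar:1.5:compile
[INFO]    \- oro:oro:jar:2.0.8:compile
"""

# One tree row: "[INFO] ", zero or more "|  "/"   " indent units, an optional
# "+- " or "\- " branch marker, then group:artifact:type[:classifier]:version[:scope].
NODE = re.compile(r"^\[INFO\] ((?:[| ]  )*)([+\\]- )?([\w.\-]+(?::[\w.\-]+){3,5})$")


def parse_tree(text):
    """Return one root-to-node path (list of coordinates) per artifact row."""
    stack, paths = [], []
    for line in text.splitlines():
        m = NODE.match(line.rstrip())
        if not m:
            continue  # banner, warning or plugin header line
        indent, marker, coord = m.groups()
        depth = len(indent) // 3 + (1 if marker else 0)
        del stack[depth:]  # drop siblings and deeper nodes from the previous row
        stack.append(coord)
        paths.append(list(stack))
    return paths


def chains_to(text, needle):
    """Every dependency chain whose final coordinate contains `needle`."""
    return [" > ".join(p) for p in parse_tree(text) if needle in p[-1]]


if __name__ == "__main__":
    for hit in chains_to(SAMPLE, "opennms") or ["no OpenNMS artifact in this tree"]:
        print(hit)
    print(chains_to(SAMPLE, "javassist")[0])
```

Feed it the unmodified console output of the module the scanner reports; an empty result for the flagged name means the artifact is not reachable from that module's declared dependencies.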