[GPC] FW: OWASP Code Crawler

Jeff Williams jeff.williams at aspectsecurity.com
Thu Apr 15 09:59:12 EDT 2010



There’s some confusion about the license on the CodeCrawler project. The project details say CC-Attribution-Share-Alike, but you have to agree to the LGPL before downloading from CodePlex.  While there are some technical differences, both of these licenses agree that you can make modifications, but that if you distribute the modified software, you have to make the source available (under the same license).


So the question back to them is – Are you planning to distribute the code that you have modified?  There is some question about what “distribute” means, but some have argued that it even means *within* your organization.  Hopefully, they will *want* to contribute back their changes and improvements.  I’ve had some luck with this in the ESAPI project.


Let me know if you have questions.





From: global-projects-committee-bounces at lists.owasp.org [mailto:global-projects-committee-bounces at lists.owasp.org] On Behalf Of Paulo Coimbra
Sent: Thursday, April 15, 2010 9:43 AM
To: 'Global Projects Committee'
Cc: alessio.marziali at cyphersec.com
Subject: [GPC] FW: OWASP Code Crawler


Hello Committee,


Please see below Alessio’s email in which he is asking for our advice regarding Code Crawler’s licence issues. Could you please give us your insight on this?


Many thanks,


Paulo Coimbra,

OWASP Project Manager <https://www.owasp.org/index.php/Main_Page> 


From: alessio.marziali at cyphersec.com [mailto:alessio.marziali at cyphersec.com] 
Sent: quinta-feira, 15 de Abril de 2010 14:39
To: paulo.coimbra at owasp.org
Subject: Fw:OWASP Code Crawler


Hi Paulo,


I hope you are well, can you have a look at this email from Hans Wierts (ehealth.fgov.be) regarding Code Crawler? They are interested in the source code of the application and I guess they want to add some other features to the tool for internal support. I am writing you because of any possible license issues, given our current license, everyone who makes changes to the code should notify us and possibly contribute to the tool.


Do you want to give me some advices before replying to him? I got loads of this emails regarding the tool. I had some from Canada, China and Europe in General. Let me know.




From: Hans.Wierts at ehealth.fgov.be

To: alessio.marziali at cyphersec.com

Cc: Jean.Jochmans at ksz-bcss.fgov.be

Date: Thu, 15 Apr 2010 13:41:43 +0200

Subject: OWASP Code Crawler


Hi Alessio 

OWASP Code Crawler requirements are:
- .NET Framework 3.5 (Service Pack 1)
- Visual Studio 2008
- Windows Platform 

Can you let us know if Visual Studio 2010 is also ok, and what version we should use: 
- 2010 Professional 
- 2010 Premium 
- 2010 Ultimate 
- Test Professionam 2010 

Met vriendelijke groet,
Meilleures salutations,
Mit besten Grüßen,
With kind regards.

Interne Audit en Informatieveiligheid eHealth
Audit Interne & Sécurité de l'Information eHealth

J.G.E. (Hans) Wierts
Sint Pieterssteenweg 375
1040 Brussel
E: hans.wierts at ehealth.fgov.be
W: https://www.ehealth.fgov.be
T: +32 2 74 18 394
M: +32 473 710 944
F: +32 2 74 18 300

eHealth sluit elke aansprakelijkheid uit in verband met de juistheid, de volledigheid of het tijdig toekomen van de informatie in deze e-mail. Aan deze e-mail kunnen geen rechten worden ontleend en deze e-mail houdt in geen geval een erkenning van welkdanige aansprakelijkheid in.
Dit bericht is alleen bestemd voor de geadresseerde. Indien dit bericht niet voor u bestemd is, verzoeken wij u dit onmiddellijk aan ons te melden en het bericht te vernietigen.

eHealth décline toute responsabilité quant à l'exactitude, à l'exhaustivité et au délai de transmission des informations contenues dans cet e-mail. Aucun droit ne peut être revendiqué sur cet e-mail et cet e-mail n'implique en aucun cas une reconnaissance de responsabilité, quelle qu'elle soit.
Ce message s'adresse uniquement au destinataire. Si ce message ne vous est pas destiné, nous vous prions de nous le signaler immédiatement et de détruire le message. <https://www.ehealth.fgov.be/> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20100415/3349a6f5/attachment-0001.html 

More information about the Global-projects-committee mailing list