Skip to content

chore(license): migrate to MPL-2.0#75

Merged
hyperpolymath merged 1 commit into
mainfrom
license/migrate-to-mpl-2.0
May 27, 2026
Merged

chore(license): migrate to MPL-2.0#75
hyperpolymath merged 1 commit into
mainfrom
license/migrate-to-mpl-2.0

Conversation

@hyperpolymath

@hyperpolymath hyperpolymath commented May 26, 2026

Copy link
Copy Markdown
Owner

Summary

Migrates this repo's license declaration from PMPL-1.0-or-later to MPL-2.0.

Rationale: solo.

Changes

  • LICENSE file replaced with canonical MPL-2.0 text (including SPDX header).
  • Package metadata updated where present (Cargo.toml, package.json, deno.json, mix.exs, pyproject.toml).

Part of estate-wide metadata cleanup 2026-05-26.

@hyperpolymath
chore(license): migrate PMPL-1.0-or-later → MPL-2.0 (solo)
a68019c 
Replace LICENSE file with canonical MPL-2.0 text and update package
metadata (Cargo.toml/package.json/deno.json/mix.exs/pyproject.toml where
present) to declare the new SPDX identifier.

Rationale: solo.

Part of estate-wide metadata cleanup 2026-05-26.
@hyperpolymath hyperpolymath enabled auto-merge (squash) May 26, 2026 13:23
@github-actions

github-actions Bot commented May 26, 2026

Copy link
Copy Markdown

🔍 Hypatia Security Scan

Findings: 160 issues detected

Severity Count
🔴 Critical 14
🟠 High 84
🟡 Medium 62

⚠️ Action Required: Critical security issues found!

View findings 
[
  {
    "reason": "Action hyperpolymath/standards/.github/workflows/governance-reusable.yml@main needs attention",
    "type": "unpinned_action",
    "file": "governance.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/reposystem/reposystem/tools/rsr-certified/extensions/vscode/src/extension.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "innerHTML assignment -- XSS risk, use textContent or SafeDOM (5 occurrences, CWE-79)",
    "type": "js_innerhtml",
    "file": "/home/runner/work/reposystem/reposystem/stateful-artefacts/browser-extension/scripts/popup.js",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "high"
  },
  {
    "reason": "innerHTML assignment -- XSS risk, use textContent or SafeDOM (1 occurrences, CWE-79)",
    "type": "js_innerhtml",
    "file": "/home/runner/work/reposystem/reposystem/stateful-artefacts/browser-extension/scripts/content.js",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "high"
  },
  {
    "reason": "innerHTML assignment -- XSS risk, use textContent or SafeDOM (4 occurrences, CWE-79)",
    "type": "js_innerhtml",
    "file": "/home/runner/work/reposystem/reposystem/stateful-artefacts/dashboard/js/dashboard.js",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "high"
  },
  {
    "reason": "innerHTML assignment -- XSS risk, use textContent or SafeDOM (5 occurrences, CWE-79)",
    "type": "js_innerhtml",
    "file": "/home/runner/work/reposystem/reposystem/stateful-artefacts/annotation-layer/annotations.js",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "high"
  },
  {
    "reason": "innerHTML assignment -- XSS risk, use textContent or SafeDOM (7 occurrences, CWE-79)",
    "type": "js_innerhtml",
    "file": "/home/runner/work/reposystem/reposystem/web/app.js",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "high"
  },
  {
    "reason": "HTTP URL in code -- use HTTPS for non-localhost (16 occurrences, CWE-319)",
    "type": "js_http_url_in_code",
    "file": "/home/runner/work/reposystem/reposystem/web/app.js",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "medium"
  },
  {
    "reason": "HTTP URL in code -- use HTTPS for non-localhost (1 occurrences, CWE-319)",
    "type": "js_http_url_in_code",
    "file": "/home/runner/work/reposystem/reposystem/gui/lib/rescript-tea/src/tea_svg.res.js",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "medium"
  },
  {
    "reason": "HTTP URL in code -- use HTTPS for non-localhost (10 occurrences, CWE-319)",
    "type": "js_http_url_in_code",
    "file": "/home/runner/work/reposystem/reposystem/gui/lib/rescript-tea/src/tea_svg_attributes.res.js",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "medium"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

@hyperpolymath hyperpolymath merged commit 75fa1e3 into main May 27, 2026
13 of 15 checks passed
@hyperpolymath hyperpolymath deleted the license/migrate-to-mpl-2.0 branch May 27, 2026 12:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hyperpolymath