- Which SDK does this apply to? Which version of the SDK you are using?
firstname.lastname@example.org is licensed under MIT but it is using email@example.com which is licensed under CC-BY-SA-2.0. As per CC-BY-SA-2.0, firstname.lastname@example.org (and subsequently email@example.com and firstname.lastname@example.org) must also be licensed under CC-BY-SA-2.0 because it uses email@example.com.
However, a simple solution exists as firstname.lastname@example.org (3 patch versions later) is licensed under MIT. We can simply switch node-xml-encryption to use email@example.com, and increase the patch version of the libraries increased above in reverse order. A developer has already created a pull request to start fixing this very issue:
I have tried contacting the maintainers of node-xml-encryption on GitHub, but have not heard back from them. Would a developer at Auth0 be able to take a look and merge the pull request at their earliest convenience?