You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Services which utilize or access the NVD API are asked to display the following notice prominently within the application: "This product uses the NVD API but is not endorsed or certified by the NVD." You may use the NVD name in order to identify the source of API content subject to these rules. You may not use the NVD name, to imply endorsement of any product, service, or entity, not-for-profit, commercial or otherwise.
While Dependency-Check itself may not be a service that utilizes or accesses the NVD API (I'm not a lawyer), my opinion is that software that makes use of Dependency-Check is most likely considered a service under the Terms of Use. Dependency-Check should automatically display the attribution notice at runtime so that consumers meet the NVD API Terms of Use.
The text was updated successfully, but these errors were encountered:
As of version 9.0.0, Dependency-Check is subject to the Terms of Use of the NVD API. Regarding attribution, the Terms of Use states the following.
While Dependency-Check itself may not be a service that utilizes or accesses the NVD API (I'm not a lawyer), my opinion is that software that makes use of Dependency-Check is most likely considered a service under the Terms of Use. Dependency-Check should automatically display the attribution notice at runtime so that consumers meet the NVD API Terms of Use.
The text was updated successfully, but these errors were encountered: