Skip to content

#1830 https://github.com/mosip/commons/issues/1830 Move release-1.3.x changes to develop#74

Closed
kameshsr wants to merge 6 commits into
mosip:developfrom
kameshsr:merge-upstream-v1.3.1
Closed

#1830 https://github.com/mosip/commons/issues/1830 Move release-1.3.x changes to develop#74
kameshsr wants to merge 6 commits into
mosip:developfrom
kameshsr:merge-upstream-v1.3.1

Conversation

@kameshsr

@kameshsr kameshsr commented Jun 3, 2026

Copy link
Copy Markdown
Contributor

Summary by CodeRabbit

Release Notes

  • Documentation

    • Enhanced README with installation instructions, usage examples, and contribution guidelines.
    • Added comprehensive third-party license attribution and notices.
  • Chores

    • Updated project version to 1.4.0-SNAPSHOT and dependencies to latest MOSIP Kernel versions.
    • Refreshed CI/quality badges and repository metadata.
  • Tests

    • Improved exception handling validation in unit tests.

@coderabbitai

coderabbitai Bot commented Jun 3, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@kameshsr, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 48 minutes and 19 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9e065abf-e481-4f11-92d8-5c8029cf3ddc

📥 Commits

Reviewing files that changed from the base of the PR and between 134c767 and 414652d.

📒 Files selected for processing (3)
  • AGENTS.md
  • README.md
  • demosdk/pom.xml

Walkthrough

This PR upgrades the Demo SDK from version 1.2.1-SNAPSHOT to 1.4.0-SNAPSHOT, updates kernel library dependencies to 1.3.0, enhances documentation and license metadata, configures Maven plugins for artifact signing and release distribution, and applies minor test code import cleanup.

Changes

Release v1.4.0 Versioning and Build Configuration

Layer / File(s) Summary
Documentation and License Metadata
NOTICE, README.md, THIRD-PARTY-NOTICES, THIRD-PARTY-NOTICES.txt
NOTICE receives a new line. README.md is restructured with CI badges, overview, installation, usage, documentation, and contribution sections. THIRD-PARTY-NOTICES is updated to reflect v1.4.0-SNAPSHOT. THIRD-PARTY-NOTICES.txt is created with full dependency attribution, version notes, licenses, and homepage links.
Maven Artifact Versioning and Dependency Properties
demosdk/pom.xml
Project artifact version is bumped to 1.4.0-SNAPSHOT. Kernel library properties are updated to 1.3.0 (demographicsdk, logback, core, bom). Repository metadata is adjusted. The kernel-bom property name is corrected. Test dependencies are cleaned up to explicitly include mockito-core with version property and test scope.
Maven Plugin Management and Release Tooling
demosdk/pom.xml
Plugin management is added for spring-boot-maven-plugin (v3.2.3). Maven plugins are configured: surefire with argLine, jacoco with exclusions and execution phases, GPG plugin for artifact signing, source plugin for source jar attachment, assembly plugin with explicit make-assembly goal, and sonar profile with verify-phase binding.
Test Code Import Cleanup
demosdk/src/test/java/io/mosip/demosdk/client/impl/spec_1_0/ClientV1UnitTest.java
The mocked exception for TextMatcherUtil.phoneticsMatch(...) is changed to throw the imported EncoderException type instead of the fully-qualified path.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A version hop to 1.4, with badges and notices anew,
Dependencies aligned and plugins configured true,
From snapshot to snapshot, the kernels betide,
Build tools and GPG signing locked in stride!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title directly references issue #1830 and clearly describes the main objective: moving release-1.3.x changes to the develop branch, which aligns with the changeset updating versions, dependencies, and documentation.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

- Bumps kernel versions from 1.2.1-SNAPSHOT to 1.3.0 release
  (kernel-bom, kernel-core, kernel-logger-logback)
- Fixes organizationUrl to use https:// prefix in POM
- Adds THIRD-PARTY-NOTICES.txt and updates NOTICE with licensing attribution
- Aligns profiles block indentation with upstream style
- Cleans up ClientV1UnitTest to use imported EncoderException type

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Signed-off-by: kameshsr <kameshsr1338@gmail.com>
@kameshsr kameshsr force-pushed the merge-upstream-v1.3.1 branch from 1fc2d1d to a432b61 Compare June 3, 2026 12:48
kameshsr and others added 4 commits June 3, 2026 18:24
Signed-off-by: kameshsr <kameshsr1338@gmail.com>
Remove duplicate declarations introduced during merge conflict resolution:
- Remove duplicate mockito-core dependency
- Remove duplicate maven-surefire-plugin
- Remove duplicate jacoco-maven-plugin
Also clean up whitespace and trailing comments in build section.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Signed-off-by: kameshsr <kameshsr1338@gmail.com>
Trailing slash in snapshotRepository URL causes Maven to construct
double-slash artifact paths (e.g. /maven-snapshots//io/mosip/...)
resulting in 403 responses. Aligns with bio-utils pom.xml convention.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Signed-off-by: kameshsr <kameshsr1338@gmail.com>
Signed-off-by: kameshsr <kameshsr1338@gmail.com>

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
THIRD-PARTY-NOTICES.txt (1)

129-129: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Remove stray "Footer" text.

Line 129 contains the word "Footer" which appears to be unintentional. Remove this line to clean up the file.

🧹 Proposed fix
 Full license texts and additional details for each of the above packages are available in the license/ directory of this repository. Please refer to those files or the original source of each package for complete legal terms and conditions.
-Footer
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@THIRD-PARTY-NOTICES.txt` at line 129, Remove the stray word "Footer" from the
THIRD-PARTY-NOTICES.txt file (the standalone token appearing on its own line);
open the file, delete that line containing only "Footer" so the file has no
extraneous footer marker, and save the file ensuring no other content is
altered.
🧹 Nitpick comments (3)
README.md (1)

61-61: ⚡ Quick win

Use descriptive link text instead of "click here".

Link text like "click here" is non-descriptive for accessibility and SEO. Use text that describes the destination, such as "code contribution guide" or "contributing guidelines".

♻️ Proposed fix
-• To learn how you can contribute code to this application, [click here](https://docs.mosip.io/community/code-contributions).
+• To learn how you can contribute code to this application, see the [code contribution guide](https://docs.mosip.io/community/code-contributions).
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@README.md` at line 61, Replace the non-descriptive link text "click here" in
the README sentence "To learn how you can contribute code to this application,
click here" with descriptive text such as "code contribution guide" or
"contributing guidelines" so the sentence reads e.g. "To learn how you can
contribute code to this application, see the code contribution guide" and update
the Markdown link target to use that descriptive link text.
demosdk/pom.xml (2)

308-320: ⚡ Quick win

Update maven-source-plugin to a recent version.

Version 2.2.1 (released 2012) is outdated. Consider updating to version 3.3.x or later for improved compatibility and bug fixes.

♻️ Update to maven-source-plugin 3.3.1
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-source-plugin</artifactId>
-				<version>2.2.1</version>
+				<version>3.3.1</version>
 				<executions>
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@demosdk/pom.xml` around lines 308 - 320, The maven-source-plugin in the pom
is pinned to the old version "2.2.1"; update the plugin declaration (look for
the <plugin> block with artifactId "maven-source-plugin") to a current 3.3.x
release (e.g., "3.3.1") to ensure compatibility and bug fixes, keeping the
existing execution configuration (id "attach-sources" and goal "jar-no-fork")
intact; after changing the <version> element, run a Maven build to verify there
are no plugin configuration changes required by the newer release.

288-307: ⚡ Quick win

Update maven-gpg-plugin to a recent version.

The plugin is configured correctly for CI/CD signing with loopback pinentry. However, version 1.5 (released 2014) is outdated. Consider updating to version 3.2.x or later for:

  • Security fixes
  • Better compatibility with modern GPG versions
  • Bug fixes and improvements
♻️ Update to maven-gpg-plugin 3.2.7
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-gpg-plugin</artifactId>
-				<version>1.5</version>
+				<version>3.2.7</version>
 				<executions>
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@demosdk/pom.xml` around lines 288 - 307, The maven-gpg-plugin configuration
is correct, but the plugin version is outdated; update the plugin declaration in
the demosdk pom.xml to a modern 3.2.x release, ideally the suggested 3.2.7,
while keeping the existing sign-artifacts execution and loopback pinentry
configuration unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@demosdk/pom.xml`:
- Line 53: THIRD-PARTY-NOTICES.txt currently claims MOSIP Kernel Libraries
version 1.4.0-SNAPSHOT while demosdk/pom.xml pins kernel.demographicsdk.version
(and related properties kernel.core.version, kernel-bom.version) to 1.3.0 and
uses mockito-core 5.20.0; fix the mismatch by either updating the POM properties
kernel.demographicsdk.version, kernel.core.version, kernel-bom.version (and
mockito-core if intended) to 1.4.0-SNAPSHOT or, more likely, update
THIRD-PARTY-NOTICES.txt to list MOSIP Kernel Libraries Version: 1.3.0 (and
ensure listed artifacts kernel-core, kernel-bom, kernel-demographics-api,
kernel-logger-logback reflect 1.3.0) so the notice matches the actual POM
versions.

In `@README.md`:
- Line 3: The CI badge in README references the branch string "release-1.3.x";
confirm whether it should instead point to "develop" for this PR and update the
badge URL/branch token accordingly (look for the markdown line containing the
badge image URL and the branch query param `branch=release-1.3.x`), or leave it
as-is if intentionally showing release status; make the branch name consistent
with the repository's intended badge target.
- Line 57: The README contains a hard-coded documentation URL referencing
version "1.2.0"; update that URL string to point to the current version
"1.4.0-SNAPSHOT" (or replace it with a version-agnostic path if available) so
the documentation link is accurate—locate the URL
"https://github.com/mosip/documentation/tree/1.2.0/docs" in README.md and
replace the version segment with "1.4.0-SNAPSHOT" or the stable/branch path.

In `@THIRD-PARTY-NOTICES.txt`:
- Line 128: Update the final line of THIRD-PARTY-NOTICES.txt to reference the
correct directory name used in the repo: replace the incorrect "license/" path
with "licenses/" in the sentence "Full license texts and additional details for
each of the above packages are available in the license/ directory of this
repository..." so it reads "...available in the licenses/ directory...". Ensure
only that path token is changed and save the file.

---

Outside diff comments:
In `@THIRD-PARTY-NOTICES.txt`:
- Line 129: Remove the stray word "Footer" from the THIRD-PARTY-NOTICES.txt file
(the standalone token appearing on its own line); open the file, delete that
line containing only "Footer" so the file has no extraneous footer marker, and
save the file ensuring no other content is altered.

---

Nitpick comments:
In `@demosdk/pom.xml`:
- Around line 308-320: The maven-source-plugin in the pom is pinned to the old
version "2.2.1"; update the plugin declaration (look for the <plugin> block with
artifactId "maven-source-plugin") to a current 3.3.x release (e.g., "3.3.1") to
ensure compatibility and bug fixes, keeping the existing execution configuration
(id "attach-sources" and goal "jar-no-fork") intact; after changing the
<version> element, run a Maven build to verify there are no plugin configuration
changes required by the newer release.
- Around line 288-307: The maven-gpg-plugin configuration is correct, but the
plugin version is outdated; update the plugin declaration in the demosdk pom.xml
to a modern 3.2.x release, ideally the suggested 3.2.7, while keeping the
existing sign-artifacts execution and loopback pinentry configuration unchanged.

In `@README.md`:
- Line 61: Replace the non-descriptive link text "click here" in the README
sentence "To learn how you can contribute code to this application, click here"
with descriptive text such as "code contribution guide" or "contributing
guidelines" so the sentence reads e.g. "To learn how you can contribute code to
this application, see the code contribution guide" and update the Markdown link
target to use that descriptive link text.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 38fd129c-b7a8-479f-8758-5fefc8075d65

📥 Commits

Reviewing files that changed from the base of the PR and between 30ae6ef and 134c767.

📒 Files selected for processing (6)
  • NOTICE
  • README.md
  • THIRD-PARTY-NOTICES
  • THIRD-PARTY-NOTICES.txt
  • demosdk/pom.xml
  • demosdk/src/test/java/io/mosip/demosdk/client/impl/spec_1_0/ClientV1UnitTest.java

Comment thread demosdk/pom.xml Outdated
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

<kernel.demographicsdk.version>1.2.0</kernel.demographicsdk.version>
<kernel.demographicsdk.version>1.3.0</kernel.demographicsdk.version>

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify kernel 1.3.0 artifacts are available in Maven Central/OSSRH

echo "Checking kernel-demographics-api 1.3.0..."
curl -s -o /dev/null -w "%{http_code}" "https://repo1.maven.org/maven2/io/mosip/kernel/kernel-demographics-api/1.3.0/kernel-demographics-api-1.3.0.pom"

echo -e "\nChecking kernel-logger-logback 1.3.0..."
curl -s -o /dev/null -w "%{http_code}" "https://repo1.maven.org/maven2/io/mosip/kernel/kernel-logger-logback/1.3.0/kernel-logger-logback-1.3.0.pom"

echo -e "\nChecking kernel-core 1.3.0..."
curl -s -o /dev/null -w "%{http_code}" "https://repo1.maven.org/maven2/io/mosip/kernel/kernel-core/1.3.0/kernel-core-1.3.0.pom"

echo -e "\nChecking kernel-bom 1.3.0..."
curl -s -o /dev/null -w "%{http_code}" "https://repo1.maven.org/maven2/io/mosip/kernel/kernel-bom/1.3.0/kernel-bom-1.3.0.pom"

echo -e "\nChecking mockito-core 5.20.0..."
curl -s -o /dev/null -w "%{http_code}" "https://repo1.maven.org/maven2/org/mockito/mockito-core/5.20.0/mockito-core-5.20.0.pom"

Repository: mosip/demosdk

Length of output: 249


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "=== demosdk/pom.xml (relevant version properties) ==="
rg -n "kernel\.demographicsdk\.version|kernel-logger-logback\.version|kernel\.core\.version|kernel-bom\.version|mockito\.core\.version|<project\.version>" demosdk/pom.xml || true
echo
echo "=== THIRD-PARTY-NOTICES.txt (look for MOSIP Kernel Libraries / version) ==="
ls -la
find . -maxdepth 3 -type f -name "THIRD-PARTY-NOTICES.txt" -print
THIRD_FILE="$(find . -maxdepth 3 -type f -name "THIRD-PARTY-NOTICES.txt" -print | head -n 1 || true)"
if [ -z "$THIRD_FILE" ]; then
  echo "THIRD-PARTY-NOTICES.txt not found in repo (within 3 levels)."
  exit 0
fi
echo
echo "Using: $THIRD_FILE"
rg -n -i "MOSIP Kernel Libraries|Kernel Libraries|Version:" "$THIRD_FILE" || true
echo
# show nearby lines for the MOSIP Kernel Libraries section if present
if rg -n -i "MOSIP Kernel Libraries" "$THIRD_FILE" >/dev/null; then
  LN="$(rg -n -i "MOSIP Kernel Libraries" "$THIRD_FILE" | head -n1 | cut -d: -f1)"
  START=$((LN-20))
  END=$((LN+60))
  sed -n "${START},${END}p" "$THIRD_FILE" | cat -n
fi

Repository: mosip/demosdk

Length of output: 6108


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "=== demosdk/pom.xml (relevant version properties) ==="
rg -n "kernel\.demographicsdk\.version|kernel-logger-logback\.version|kernel\.core\.version|kernel-bom\.version|mockito\.core\.version|<project\.version>" demosdk/pom.xml || true
echo
echo "=== THIRD-PARTY-NOTICES.txt (look for MOSIP Kernel Libraries / version) ==="
find . -maxdepth 3 -type f -name "THIRD-PARTY-NOTICES.txt" -print
THIRD_FILE="$(find . -maxdepth 3 -type f -name "THIRD-PARTY-NOTICES.txt" -print | head -n 1 || true)"
if [ -z "$THIRD_FILE" ]; then
  echo "THIRD-PARTY-NOTICES.txt not found in repo (within 3 levels)."
  exit 0
fi

echo
echo "Using: $THIRD_FILE"
rg -n -i "MOSIP Kernel Libraries|Kernel Libraries|Version:" "$THIRD_FILE" || true
echo

# show nearby lines for the MOSIP Kernel Libraries section if present
if rg -n -i "MOSIP Kernel Libraries" "$THIRD_FILE" >/dev/null; then
  LN="$(rg -n -i "MOSIP Kernel Libraries" "$THIRD_FILE" | head -n1 | cut -d: -f1)"
  START=$((LN-20))
  END=$((LN+60))
  sed -n "${START},${END}p" "$THIRD_FILE" | cat -n
fi

Repository: mosip/demosdk

Length of output: 5324


Fix THIRD-PARTY-NOTICES.txt MOSIP Kernel Libraries version mismatch

  • demosdk/pom.xml pins MOSIP kernel artifacts to 1.3.0 (kernel.demographicsdk.version line 53, kernel.core.version line 67, kernel-bom.version line 68) and uses mockito-core 5.20.0 (line 73); these artifacts are available in Maven Central.
  • THIRD-PARTY-NOTICES.txt lists “MOSIP Kernel Libraries … Version: 1.4.0-SNAPSHOT” (lines 21-24, includes kernel-core, kernel-bom, kernel-demographics-api, kernel-logger-logback); update it to 1.3.0 (or bump the POM kernel versions to 1.4.0-SNAPSHOT if that’s intended).
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@demosdk/pom.xml` at line 53, THIRD-PARTY-NOTICES.txt currently claims MOSIP
Kernel Libraries version 1.4.0-SNAPSHOT while demosdk/pom.xml pins
kernel.demographicsdk.version (and related properties kernel.core.version,
kernel-bom.version) to 1.3.0 and uses mockito-core 5.20.0; fix the mismatch by
either updating the POM properties kernel.demographicsdk.version,
kernel.core.version, kernel-bom.version (and mockito-core if intended) to
1.4.0-SNAPSHOT or, more likely, update THIRD-PARTY-NOTICES.txt to list MOSIP
Kernel Libraries Version: 1.3.0 (and ensure listed artifacts kernel-core,
kernel-bom, kernel-demographics-api, kernel-logger-logback reflect 1.3.0) so the
notice matches the actual POM versions.

Comment thread README.md Outdated
Comment thread README.md
## Documentation

Additional documentation and design references are available in the main MOSIP documentation portal:
https://github.com/mosip/documentation/tree/1.2.0/docs

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Update documentation link to current version.

The documentation link references version 1.2.0, which is outdated given the upgrade to 1.4.0-SNAPSHOT. Consider updating to the current documentation version or using a version-agnostic URL if available.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@README.md` at line 57, The README contains a hard-coded documentation URL
referencing version "1.2.0"; update that URL string to point to the current
version "1.4.0-SNAPSHOT" (or replace it with a version-agnostic path if
available) so the documentation link is accurate—locate the URL
"https://github.com/mosip/documentation/tree/1.2.0/docs" in README.md and
replace the version segment with "1.4.0-SNAPSHOT" or the stable/branch path.

Comment thread THIRD-PARTY-NOTICES.txt
Homepage: https://maven.apache.org/plugins/maven-assembly-plugin/
================================================================================

Full license texts and additional details for each of the above packages are available in the license/ directory of this repository. Please refer to those files or the original source of each package for complete legal terms and conditions.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check for license directory naming
fd -t d -d 1 '^licens' .

Repository: mosip/demosdk

Length of output: 69


🏁 Script executed:

#!/bin/bash
set -euo pipefail

ls -1
echo "----"
# confirm license dir presence
ls -1 | rg -n '^licenses/?$' || true
ls -1 | rg -n '^license/?$' || true

echo "---- THIRD-PARTY-NOTICES.txt excerpt ----"
# show the exact lines around the reported location
sed -n '115,140p' THIRD-PARTY-NOTICES.txt | nl -ba

Repository: mosip/demosdk

Length of output: 273


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "---- license dir check ----"
ls -1 | rg -n '^licenses/?$' || true
ls -1 | rg -n '^license/?$' || true

echo "---- THIRD-PARTY-NOTICES.txt lines 120-135 ----"
awk 'NR>=120 && NR<=135 {printf "%d:%s\n", NR, $0}' THIRD-PARTY-NOTICES.txt

echo "---- occurrences of 'Footer' ----"
rg -n --fixed-string "Footer" THIRD-PARTY-NOTICES.txt || true

echo "---- occurrences of 'license/' ----"
rg -n --fixed-string "license/" THIRD-PARTY-NOTICES.txt || true

echo "---- occurrences of 'licenses/' ----"
rg -n --fixed-string "licenses/" THIRD-PARTY-NOTICES.txt || true

Repository: mosip/demosdk

Length of output: 2194


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "---- THIRD-PARTY-NOTICES.txt line count ----"
wc -l THIRD-PARTY-NOTICES.txt

echo "---- THIRD-PARTY-NOTICES.txt last 20 lines ----"
tail -n 20 THIRD-PARTY-NOTICES.txt | nl -ba || tail -n 20 THIRD-PARTY-NOTICES.txt

echo "---- occurrences of 'Footer' (plain) ----"
rg -n "Footer" THIRD-PARTY-NOTICES.txt || true

echo "---- occurrences of 'license/' ----"
rg -n "license/" THIRD-PARTY-NOTICES.txt || true

echo "---- occurrences of 'licenses/' ----"
rg -n "licenses/" THIRD-PARTY-NOTICES.txt || true

Repository: mosip/demosdk

Length of output: 1634


Fix incorrect license/ directory reference in THIRD-PARTY-NOTICES.txt
The repo uses licenses/, but THIRD-PARTY-NOTICES.txt references license/ in the final line.

Proposed fix
-Full license texts and additional details for each of the above packages are available in the license/ directory of this repository. Please refer to those files or the original source of each package for complete legal terms and conditions.
+Full license texts and additional details for each of the above packages are available in the licenses/ directory of this repository. Please refer to those files or the original source of each package for complete legal terms and conditions.
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
Full license texts and additional details for each of the above packages are available in the license/ directory of this repository. Please refer to those files or the original source of each package for complete legal terms and conditions.
Full license texts and additional details for each of the above packages are available in the licenses/ directory of this repository. Please refer to those files or the original source of each package for complete legal terms and conditions.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@THIRD-PARTY-NOTICES.txt` at line 128, Update the final line of
THIRD-PARTY-NOTICES.txt to reference the correct directory name used in the
repo: replace the incorrect "license/" path with "licenses/" in the sentence
"Full license texts and additional details for each of the above packages are
available in the license/ directory of this repository..." so it reads
"...available in the licenses/ directory...". Ensure only that path token is
changed and save the file.

Signed-off-by: kameshsr <kameshsr1338@gmail.com>
@kameshsr kameshsr closed this Jun 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant