Skip to main navigation Skip to main content Skip to page footer

Alfabet joins Bizzdesign and Mega in creating a new force in enterprise architecture and strategic portfolio management.

Free trial Contact us
Free trial Contact us
Legal Notes

Third Party Products

Used 3rd party products

Actual release of Alfabet includes the following software code owned or provided by third-party licensors: 

  • This software contains a licensed version of Actipro Software, version 24.1.0 Copyright © 2001-2024 Actipro Software LLC., All Rights Reserved.
  • This software contains a licensed version of Aspose.Slides, version 24.5.0, Aspose.Tasks, version 22.12.0, Aspose.HTML, version 22.11.0, Aspose.Words, version 22.12.0. Copyright © 2021 Aspose Pty Ltd., All Rights Reserved.
  • This software contains a licensed version of azure-core, version 1.40.0.  Copyright © Microsoft Corporation, All Rights Reserved.
  • This software contains a licensed version of azure.identity, version 1.11.4. Copyright © Microsoft Corporation, All Rights Reserved.
  • This software contains a licensed version of ComponentSpace SAML2 for NET4, version 4.1.0. Copyright © ComponentSpace 2004-2020, All Rights Reserved.
  • This software contains a licensed version of DevExpress.NET, version 23.2.6. Copyright © 2000 - 2024 Developer Express Inc., All Rights Reserved.
  • This software contains a licensed version of Essential Objects, version 24.1.46. Copyright © 2023 Essential Objects, Inc., All Rights Reserved.
  • This software contains a licensed version of gudusoft General SQL Parser, version 3.4.1.5. Copyright ©2004 - 2023 Gudusoft, Inc., All Rights Reserved.
  • This software contains a licensed version of Lucene.Net, version 4.8.0. Copyright © 2006 - 2022 The Apache Software Foundation, All Rights Reserved.
  • This software contains a licensed version of Microsoft.AspNetCore 8.0.6. Copyright © 2023 Microsoft Corporation. All Rights Reserved.
  • This software contains a licensed version of Microsoft.Bot.Schema 4.21.0. Copyright © 2023 Microsoft Corporation. All Rights Reserved.
  • This software contains a licensed version of microsoft.data.sqlclient 5.2.1. Copyright © 2024 Microsoft Corporation. All Rights Reserved.
  • This software contains a licensed version of microsoft.data.sqlclient.sni 5.2.0. Copyright © 2023 Microsoft Corporation. All Rights Reserved.
  • This software contains a licensed version of Microsoft.Graph, version 5.56.0. Copyright © Microsoft Corporation. All Rights Reserved.
  • This software contains a licensed version of microsoft.identity.client, version 4.61.3. Copyright © Microsoft Corporation, All Rights Reserved.
  • This software contains a licensed version of Microsoft.OpenApi.Readers 1.6.14. Copyright © 2024 Microsoft Corporation. All Rights Reserved.
  • This software contains a licensed version of ML.NET, version 3.0.1. Copyright © Microsoft Corporation. All Rights Reserved.
  • This software contains a licensed version of Newtonsoft.Json, version 13.0.3. Copyright © 2008 - 2023 James Newton-King, Newtonsoft Limited, All Rights Reserved.
  • This software contains a licensed version of NLog, version 5.3.2. Copyright (c) 2004-2024 NLog Project - https://nlog-project.org/.
  • This software contains a licensed version of SharpYaml 2.1.0. Copyright © Copyright (c) 2013-2023 SharpYaml - Alexandre Mutel. All Rights Reserved.
  • This software contains a licensed version of Syncfusion .NET Software, version 19.2.0.55. Copyright © 2001-2021 Copyright © Syncfusion Inc. All Rights Reserved.
  • This software contains a licensed version of TMS FlexCel Studio for .Net Software, version 7.1.1. Copyright © 2002 -2020 TMS Software, All Rights Reserved.
  • This software contains a licensed version of the yFilesNet library, version 5.4.0, Copyright © 2017-2022 yWorks GmbH, All Rights Reserved.

The above named Third-Party Code does not require a separate Third-Party License and is subject to the terms and conditions of the mutually negotiable paid Standard Software License Agreement for Alfabet. Please note, that the underlying third-party code terms & conditions require usage of the software in strict accordance with the Technical Requirements and the Standard Software License Agreement for Alfabet including report of supporting servers and virtual machines as set forth therein. Furthermore, the named Third-Party Code is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this program, or any portion of it, may result in severe civil and criminal penalties, and will be prosecuted to the maximum extent possible under the law. 

Warning: This computer program is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this program, or any portion of it, may result in severe civil and criminal penalties, and will be prosecuted to the maximum extent possible under the law.

Process for Third-Party and Open-Source component approval in BizzDesign agile SDLC

1. Introduction 

Incorporating third-party and open-source components into our software projects offers significant benefits, including reduced development time and access to cutting-edge technologies. However, it also introduces potential risks related to security, licensing, and compatibility. At Alfabet BD GmbH, we have established a rigorous approval process to ensure that all third-party and open-source components meet our strict criteria for security, legal compliance, and technical suitability. 

2. Preliminary Screening

  • Initial Request: Developers submit a request for a new third-party or open-source component via a standardized form in Azure DevOps. The request must include the component’s name, version, source, and a justification for its inclusion.
  • License Verification: The requested component’s license type is checked to ensure it is compatible with our project’s licensing. Only components with Open Source Initiative (OSI)-approved licenses are considered further.
  • Initial Risk Assessment: A preliminary risk assessment is conducted to identify any obvious security, legal, or compatibility issues.

3. Detailed Evaluation

  • Version Assessment: The specific version of the component is evaluated. Versions that are not the latest stable release must have a clear justification for their choice, focusing on stability, security, and feature set.
  • Technology Compatibility: The component is evaluated for compatibility with the existing technology stack. This includes assessing dependencies, potential conflicts, and the effort required to integrate and maintain the component.
    • Security Review: A thorough security review is conducted, including:
    • Checking the component and its dependencies for known vulnerabilities using tools like OWASP Dependency-Check.
  • Reviewing the component’s development history for responsiveness to security issues.
  • Performance Impact: Analyse the potential impact of the component on system performance, including resource usage and response times.

4. Approval Process

  • Technology Forum Review: The component undergoes a review by Alfabet BD GmbH Technology Forum, a committee comprising senior developers, security specialists, and legal advisors. The forum evaluates the component based on the detailed evaluation results.
  • Documentation Requirements: If the component passes the Technology Forum’s review, the developer is required to provide comprehensive documentation, including:
    • Integration guidelines.
    • Examples of usage within our projects.
    • Mitigation strategies for identified risks.
  • License Compliance Documentation: A detailed review of the component’s licensing information is documented, including any obligations or restrictions it imposes on the distribution of the final product.

5. Approval and Integration

  • Final Approval: Upon successful review and documentation, final approval is granted by the designated authority within Alfabet BD GmbH, typically the CTO.
  • Integration into the Project: The approved component is integrated into the project. This includes updating project dependency files and continuous integration/continuous deployment (CI/CD) pipelines.
  • Monitoring and Auditing: Post-integration, the component is monitored for any emerging security vulnerabilities or performance issues. Regular audits are scheduled to ensure compliance with the initial approval terms, especially concerning license obligations.

6. Ongoing Maintenance

  • Version Updates: Regular checks are performed to ensure the component remains up-to-date with the latest stable versions. Update decisions are documented and go through a mini-review process to ensure continued compliance with security and compatibility standards.
  • License and Security Compliance: Continuous monitoring of licensing and security compliance is maintained to address any changes in the component’s usage conditions or new security vulnerabilities.

Conclusion 

This detailed approval process for third-party and open-source components ensures that all external software integrated into Alfabet BD GmbH projects meets our high standards for security, compatibility, and legal compliance. By adhering to this process, we safeguard our projects against potential risks while benefiting from the rapid innovation that third-party components can offer.