Topic: Remove XDRX

[Jeff H]

the software as is would cause you to fail an audit.

Hi Jeff,
Maybe you can expand on this a bit. I’ve also been known to write closed source software, and I’ve also used INNO setup.

To do any government work you will have to obtain CMMC Cybersecurity Maturity Model Certification
It will apply to anyone doing any jobs for DOD(Department of Defense).
You have to hire a accredited CMMC Third-Party Assessment Organization to do an assessment and to issue a certificate, and update it yearly. If the they feel like you are not practicing good cybersecurity practices they will not issue a certificate.
Level 1 is required to just get paid, you your going to send them a email or document like a bill you must be certified.
We would be level 2 since we will handle non classified documents, and basically increases the requirements of NIST SP 800-171
Back to level 1 is as simple as if DOD buys material from Home Depot then they must have certificate to get paid.

I am not saying anything wrong with software but if found in a scan you would have to explain why and was just elaborating on some of the points pkohut made.
Bosses would be pissed if we were not able to get paid.

Absolutely nothing against xcad, but more politics than anything,

[xdcad]

Scan ARX files after installation without any security issues

[Jeff H]

xcad,

Have considered making open source?

Is your goal to maybe sell it in future or require a paid license to use it?

[It's Alive!]

the software as is would cause you to fail an audit.

Hi Jeff,
Maybe you can expand on this a bit. I’ve also been known to write closed source software, and I’ve also used INNO setup.

To do any government work you will have to obtain CMMC Cybersecurity Maturity Model Certification
It will apply to anyone doing any jobs for DOD(Department of Defense).
You have to hire a accredited CMMC Third-Party Assessment Organization to do an assessment and to issue a certificate, and update it yearly. If the they feel like you are not practicing good cybersecurity practices they will not issue a certificate.
Level 1 is required to just get paid, you your going to send them a email or document like a bill you must be certified.
We would be level 2 since we will handle non classified documents, and basically increases the requirements of NIST SP 800-171
Back to level 1 is as simple as if DOD buys material from Home Depot then they must have certificate to get paid.

I am not saying anything wrong with software but if found in a scan you would have to explain why and was just elaborating on some of the points pkohut made.
Bosses would be pissed if we were not able to get paid.

Absolutely nothing against xcad, but more politics than anything,

Interesting!

No wonder it costs $100,000 for a screwdriver 
I assume DOD handles this overhead for open-source software

[xdcad]

xcad,

Have considered making open source?

Is your goal to maybe sell it in future or require a paid license to use it?

Thank you. From the beginning of this API in 1997 to now, I have always focused on the application level. When I found a need at work, I updated the API, and then used the API to write LISP. This is how the API developed.

What we can promise is that there will be no restrictions on personal use under any circumstances.

I currently have no plans to require any licenses in the future, and of course I have no idea of open source part of ARX, because I think there are still many areas that need to be improved. In addition, I have been focusing on developing specific applications and how to open source them. This is currently No idea yet.

Of course, it does not affect everyone's use. There is no API under AUTOCAD that is updated as frequently as the XDRX API.
However, LISP written with API can be completely open source.

[JohnK]

the software as is would cause you to fail an audit.

Hi Jeff,
Maybe you can expand on this a bit. I’ve also been known to write closed source software, and I’ve also used INNO setup.

@xdcad, you should run your packages through VirusTotal and report false positives. It passed on other online checkers
I’m not against closed source software, only ignoring open source licenses

Personally, I’m trying to avoid writing to the registry. I must add to %PATH% for my python project. At some point I want to try remove that as well.

Thanks, Daniel
Recently, I searched GOOGLE and found that the installation package made by INNO SETUP is often misreported.
I used security software to scan the files after installation alone, and there were no security issues.

xdcad, great news! Congratulations on the clean scan.

I've used NSIS in the past (I thought it was a great little packager). I haven't used it in years, but I could look through some of my old stuff and help out if you wanted to switch/try. I had different installers for many different needs (I wrote a lot of my own custom functions for NSIS) but a simple "copy files into directory and write to REG" is easy.

xcad,

Have considered making open source?

Is your goal to maybe sell it in future or require a paid license to use it?

Thank you. From the beginning of this API in 1997 to now, I have always focused on the application level. When I found a need at work, I updated the API, and then used the API to write LISP. This is how the API developed.

What we can promise is that there will be no restrictions on personal use under any circumstances.

I currently have no plans to require any licenses in the future, and of course I have no idea of open source part of ARX, because I think there are still many areas that need to be improved. In addition, I have been focusing on developing specific applications and how to open source them. This is currently No idea yet.

Of course, it does not affect everyone's use. There is no API under AUTOCAD that is updated as frequently as the XDRX API.
However, LISP written with API can be completely open source.

That's easy; you would want the 3-clause BSD license then if you open sourced it.

The fact that there are still many areas needing to be improved is the reason to ask others to help.

[Jeff H]

xcad,

Have considered making open source?

Is your goal to maybe sell it in future or require a paid license to use it?

Thank you. From the beginning of this API in 1997 to now, I have always focused on the application level. When I found a need at work, I updated the API, and then used the API to write LISP. This is how the API developed.

What we can promise is that there will be no restrictions on personal use under any circumstances.

I currently have no plans to require any licenses in the future, and of course I have no idea of open source part of ARX, because I think there are still many areas that need to be improved. In addition, I have been focusing on developing specific applications and how to open source them. This is currently No idea yet.

Of course, it does not affect everyone's use. There is no API under AUTOCAD that is updated as frequently as the XDRX API.
However, LISP written with API can be completely open source.

It would be awsome if you did for selfish reasons mainly cause i would love to learn from it

[Atook]

FWIW, I was having problems with my signed installer.exe getting flagged, and the problem resolved when I switched to an .msi package.