❌ NEVER say:
- "Official IBM plugin"
- "Approved by IBM"
- "Certified by IBM"
- "Developed by IBM"
- "In collaboration with IBM"
- "Sponsored by Sonarsource"
- "Official Sonarsource plugin"
✅ You CAN say (as you already do):
- "Community plugin"
- "Independent project"
- "Not affiliated with IBM or Sonarsource"
- "Based on IBM public documentation"
❌ NEVER include:
- IBM logo
- Sonarsource logo
- SonarQube logo
- Any corporate imagery from these companies
✅ You CAN:
- Mention names in text (descriptive use)
- Include trademark disclaimers (as you already do)
❌ NEVER include:
- IBM compiler source code
- IBM proprietary libraries
- IBM COBOL runtime
- Commercial Sonarsource plugin code
✅ You CAN:
- Analyze public COBOL syntax
- Reference public documentation
- Detect syntactic patterns
❌ NEVER say:
- "Guarantees 100% IBM compatibility"
- "Certified for production"
- "Approved for enterprise use"
- "Bug-free guaranteed"
✅ You CAN say:
- "Provided 'AS IS' without warranties" (already in LICENSE)
- "Community plugin for analysis"
- "Use at your own risk"
❌ NEVER say:
- "Official IBM support"
- "Contact IBM for support"
- "24h response guarantee"
✅ You CAN:
- "Community support via GitHub Issues"
- "Pull requests welcome"
- "Best effort, no guarantees"
❌ NEVER remove or change:
This plugin is a community project, independent and unofficial.
It is not affiliated with, sponsored by, or approved by IBM or Sonarsource.
"IBM" and "IBM COBOL" are trademarks of International Business Machines Corporation.
"SonarQube" is a trademark of Sonarsource SA.
✅ Always keep it visible in:
- README.md
- pom.xml (description)
- LICENSE
❌ NEVER name the repo:
ibm-official-cobol-pluginsonarsource-cobol-pluginibm-certified-sonar-plugin
✅ You CAN use (as you already do):
sonar-cobol-ibm-standards-plugin✅- Clearly indicates it detects "IBM standards"
- Descriptive use, does not imply affiliation
✅ "Detects IBM COBOL extensions" ✅ "Based on IBM documentation" ✅ "Plugin for SonarQube"
✅ Cite: https://www.ibm.com/docs/en/cobol-linux-x86/1.2.0 ✅ Mention public standards (ANSI X3.23-1985)
✅ Detect COBOL keywords ✅ Analyze code structure ✅ Identify syntactic patterns
✅ Apache License 2.0 ✅ Open source on GitHub ✅ Free use, modification, and distribution
Verify your project has:
- ✅ Visible disclaimer in README
- ✅ Disclaimer in pom.xml
- ✅ LICENSE with Apache 2.0
- ✅ Trademark acknowledgment
- ✅ No IBM or Sonarsource logos
- ✅ No proprietary code
- ✅ Descriptive (not misleading) name
- ✅ "Community" or "Independent" in description
Your plugin is protected by:
- Fair Use: Educational/informational use of public documentation
- Nominative Use: Descriptive use of trademarks to identify technology
- Apache License 2.0: Permissive and widely recognized license
- Disclaimers: Clear and visible
Steps to follow:
- Don't panic — It is very unlikely
- Read carefully the notice
- Verify it is legitimate (not spam/phishing)
- Respond politely stating:
- It is a community project
- Descriptive use of trademarks (legal)
- Based on public documentation
- Willing to make changes if necessary
- Consult a lawyer if needed
Your plugin is legally correct because:
✅ Has clear disclaimers ✅ Does not imply affiliation ✅ Uses trademarks descriptively ✅ Based on public documentation ✅ No proprietary code ✅ Compatible license
Legal risk: MINIMAL
Follow these guidelines and you will be protected. Publish with confidence! 🚀
Last updated: 2024 Author: jmcordero74 License: Apache 2.0