Project.json to include Studio license detail

Hi UiPath team,

As always, thank you for always considering feedback and continuous efforts in improving your products.

Here is one more scenario we have identified, hence, wanted to provide our recommendation on same.

Scenario:

1. In an enterprise, if download of community version is not yet blocked, developer could download that version, create automation using that, bundle the package and upload it to other environments(uat/prod as well).

2. If community version download is blocked, there is still a possibility that any outside package(made using community version) can be brought inside and published to orchestrator.

Recommendation:
Currently project.json file does hold below details related to studio version being used for automation. So, if in addition to that, there also can be a parameter to hold value for studio license type like “Enterprise” or “Community”, would be great as this can help identify what license type was used for automation. And also we think if this parameter can be uneditable in project.json file so these details are always automatically picked.

Then this feature when combined with recommendation on below link can also help organizations identify and prevent use of community version or outside packages if required via governance policy.

Looking forward to hearing your inputs on same.

Regards
Sonali

@sonaliaggarwal47 there are multiple options to ensure only allowed packages/processes can be deployed:

• enforce nuget package signature for your processes
• have permissions management in place in Orchestrator so only authorized developers can push to prod
• have code reviews to ensure only quality/no malicious code is present

What does it matter if the process is developed using community or enterprise version? There is no functional difference. I don’t fully understand your concern/usecase.