bmad-plus 0.8.0 → 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (213) hide show
  1. package/CHANGELOG.md +45 -1
  2. package/LICENSE +21 -21
  3. package/README.md +107 -85
  4. package/osint-agent-package/README.md +88 -88
  5. package/osint-agent-package/SETUP_KEYS.md +108 -108
  6. package/osint-agent-package/agents/osint-investigator.md +80 -80
  7. package/osint-agent-package/install.ps1 +87 -87
  8. package/osint-agent-package/install.sh +76 -76
  9. package/osint-agent-package/skills/bmad-osint-investigate/SKILL.md +147 -147
  10. package/osint-agent-package/skills/bmad-osint-investigate/osint/references/enrichment-databases-fr.md +148 -148
  11. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/_http.py +101 -101
  12. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/apify.py +266 -266
  13. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/brightdata.py +101 -101
  14. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/diagnose.py +141 -141
  15. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/exa.py +79 -79
  16. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/jina.py +71 -71
  17. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/parallel.py +85 -85
  18. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/perplexity.py +102 -102
  19. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/tavily.py +72 -72
  20. package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/volley.py +208 -208
  21. package/osint-agent-package/skills/bmad-osint-investigator/SKILL.md +15 -15
  22. package/package.json +30 -3
  23. package/readme-international/README.de.md +18 -5
  24. package/readme-international/README.es.md +40 -12
  25. package/readme-international/README.fr.md +36 -8
  26. package/src/bmad-plus/agents/agent-architect-dev/SKILL.md +96 -96
  27. package/src/bmad-plus/agents/agent-architect-dev/bmad-skill-manifest.yaml +13 -13
  28. package/src/bmad-plus/agents/agent-maker/SKILL.md +201 -201
  29. package/src/bmad-plus/agents/agent-maker/bmad-skill-manifest.yaml +13 -13
  30. package/src/bmad-plus/agents/agent-orchestrator/SKILL.md +137 -137
  31. package/src/bmad-plus/agents/agent-orchestrator/bmad-skill-manifest.yaml +13 -13
  32. package/src/bmad-plus/agents/agent-quality/SKILL.md +83 -83
  33. package/src/bmad-plus/agents/agent-quality/bmad-skill-manifest.yaml +13 -13
  34. package/src/bmad-plus/agents/agent-shadow/SKILL.md +71 -71
  35. package/src/bmad-plus/agents/agent-shadow/bmad-skill-manifest.yaml +13 -13
  36. package/src/bmad-plus/agents/agent-strategist/SKILL.md +80 -80
  37. package/src/bmad-plus/agents/agent-strategist/bmad-skill-manifest.yaml +13 -13
  38. package/src/bmad-plus/data/role-triggers.yaml +209 -209
  39. package/src/bmad-plus/module-help.csv +10 -10
  40. package/src/bmad-plus/packs/pack-memory/README.md +106 -106
  41. package/src/bmad-plus/packs/pack-memory/memory-orchestrator.md +79 -79
  42. package/src/bmad-plus/packs/pack-memory/shared/karpathy-guardrails.md +86 -86
  43. package/src/bmad-plus/packs/pack-memory/shared/memory-protocol.md +143 -143
  44. package/src/bmad-plus/packs/pack-memory/templates/context.md +39 -39
  45. package/src/bmad-plus/packs/pack-memory/templates/decisions.md +25 -25
  46. package/src/bmad-plus/packs/pack-memory/templates/identity.yaml +39 -39
  47. package/src/bmad-plus/packs/pack-memory/templates/lessons.md +31 -31
  48. package/src/bmad-plus/packs/pack-memory/templates/patterns.md +24 -24
  49. package/src/bmad-plus/packs/pack-memory/templates/session-handoff.md +25 -25
  50. package/src/bmad-plus/packs/pack-memory/zecher-agent.md +157 -157
  51. package/src/bmad-plus/packs/pack-seo/bmad-skill-manifest.yaml +13 -0
  52. package/src/bmad-plus/packs/pack-shield/README.md +110 -110
  53. package/src/bmad-plus/packs/pack-shield/SKILL.md +82 -0
  54. package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/csrd-agent.md +251 -251
  55. package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/section508-agent.md +168 -168
  56. package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/wcag-agent.md +190 -190
  57. package/src/bmad-plus/packs/pack-shield/categories/ai-governance/eu-ai-act-agent.md +86 -86
  58. package/src/bmad-plus/packs/pack-shield/categories/ai-governance/iso42001-agent.md +240 -240
  59. package/src/bmad-plus/packs/pack-shield/categories/ai-governance/nist-ai-rmf-agent.md +122 -122
  60. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/cis-controls-agent.md +210 -210
  61. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/ism-agent.md +139 -139
  62. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/iso27001-agent.md +156 -156
  63. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nis2-agent.md +72 -72
  64. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-800-53-agent.md +239 -239
  65. package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-csf-agent.md +207 -207
  66. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/ccpa-agent.md +94 -94
  67. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/dpdpa-agent.md +136 -136
  68. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/gdpr-agent.md +296 -296
  69. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/iso27701-agent.md +134 -134
  70. package/src/bmad-plus/packs/pack-shield/categories/data-privacy/lgpd-agent.md +129 -129
  71. package/src/bmad-plus/packs/pack-shield/categories/defense-export/cmmc-agent.md +116 -116
  72. package/src/bmad-plus/packs/pack-shield/categories/defense-export/ear-agent.md +261 -261
  73. package/src/bmad-plus/packs/pack-shield/categories/defense-export/itar-agent.md +191 -191
  74. package/src/bmad-plus/packs/pack-shield/categories/defense-export/tsa-agent.md +356 -356
  75. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/dora-agent.md +499 -499
  76. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/fedramp-agent.md +236 -236
  77. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/hipaa-agent.md +162 -162
  78. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/pci-dss-agent.md +228 -228
  79. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/soc2-agent.md +255 -255
  80. package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/swift-csp-agent.md +153 -153
  81. package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-classifier.md +131 -131
  82. package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-fria.md +155 -155
  83. package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-incidents.md +187 -187
  84. package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-roles.md +113 -113
  85. package/src/bmad-plus/packs/pack-shield/categories/workflows/breach-sentinel.md +197 -197
  86. package/src/bmad-plus/packs/pack-shield/categories/workflows/cookie-policy-gen.md +180 -180
  87. package/src/bmad-plus/packs/pack-shield/categories/workflows/dpia-sentinel.md +235 -235
  88. package/src/bmad-plus/packs/pack-shield/categories/workflows/legitimate-interest.md +159 -159
  89. package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-advisor.md +133 -133
  90. package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-notice-gen.md +160 -160
  91. package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-policy-gen.md +135 -135
  92. package/src/bmad-plus/packs/pack-shield/references/ccpa/ccpa-gdpr-comparison.md +117 -117
  93. package/src/bmad-plus/packs/pack-shield/references/ccpa/consumer-rights-workflows.md +177 -177
  94. package/src/bmad-plus/packs/pack-shield/references/cis-controls/framework-mappings.md +162 -162
  95. package/src/bmad-plus/packs/pack-shield/references/cis-controls/implementation-guidance.md +235 -235
  96. package/src/bmad-plus/packs/pack-shield/references/cis-controls/safeguards-detail.md +252 -252
  97. package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-assessment.md +170 -170
  98. package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-levels.md +113 -113
  99. package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-practices.md +211 -211
  100. package/src/bmad-plus/packs/pack-shield/references/csrd/compliance-program.md +281 -281
  101. package/src/bmad-plus/packs/pack-shield/references/csrd/double-materiality.md +253 -253
  102. package/src/bmad-plus/packs/pack-shield/references/csrd/esrs-standards.md +401 -401
  103. package/src/bmad-plus/packs/pack-shield/references/dora/article-reference.md +441 -441
  104. package/src/bmad-plus/packs/pack-shield/references/dora/incident-classification.md +297 -297
  105. package/src/bmad-plus/packs/pack-shield/references/dora/rts-its-guide.md +306 -306
  106. package/src/bmad-plus/packs/pack-shield/references/dora/third-party-risk.md +349 -349
  107. package/src/bmad-plus/packs/pack-shield/references/dpdpa/gdpr-comparison.md +173 -173
  108. package/src/bmad-plus/packs/pack-shield/references/dpdpa/rights-and-obligations.md +426 -426
  109. package/src/bmad-plus/packs/pack-shield/references/dpdpa/rules-2025.md +599 -599
  110. package/src/bmad-plus/packs/pack-shield/references/dpdpa/sections-reference.md +319 -319
  111. package/src/bmad-plus/packs/pack-shield/references/ear/ccl-eccn-guide.md +250 -250
  112. package/src/bmad-plus/packs/pack-shield/references/ear/compliance-program.md +280 -280
  113. package/src/bmad-plus/packs/pack-shield/references/ear/license-exceptions.md +207 -207
  114. package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/gpai-governance.md +267 -267
  115. package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/obligations-high-risk.md +287 -287
  116. package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/risk-classification.md +182 -182
  117. package/src/bmad-plus/packs/pack-shield/references/fedramp/appendices-guide.md +209 -209
  118. package/src/bmad-plus/packs/pack-shield/references/fedramp/control-families.md +281 -281
  119. package/src/bmad-plus/packs/pack-shield/references/fedramp/poam-guide.md +93 -93
  120. package/src/bmad-plus/packs/pack-shield/references/fedramp/readiness-checklist.md +134 -134
  121. package/src/bmad-plus/packs/pack-shield/references/fedramp/sap-sar-guide.md +86 -86
  122. package/src/bmad-plus/packs/pack-shield/references/fedramp/ssp-guide.md +129 -129
  123. package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/documents.md +192 -192
  124. package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/dpa-template.md +121 -121
  125. package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/privacy-notice.md +87 -87
  126. package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/breach-notification.md +293 -293
  127. package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/privacy-rule.md +276 -276
  128. package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/security-rule.md +299 -299
  129. package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/templates.md +568 -568
  130. package/src/bmad-plus/packs/pack-shield/references/ism/control-applicability.md +181 -181
  131. package/src/bmad-plus/packs/pack-shield/references/ism/guidelines-overview.md +183 -183
  132. package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2013.md +203 -203
  133. package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2022.md +132 -132
  134. package/src/bmad-plus/packs/pack-shield/references/iso27001/control-mapping.md +153 -153
  135. package/src/bmad-plus/packs/pack-shield/references/iso27701/annex-a-controls.md +195 -195
  136. package/src/bmad-plus/packs/pack-shield/references/iso27701/regulatory-mapping.md +229 -229
  137. package/src/bmad-plus/packs/pack-shield/references/iso27701/transition-guide.md +219 -219
  138. package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-ai-risk-assessment.md +258 -258
  139. package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-clauses-requirements.md +279 -279
  140. package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-controls-annex-a.md +155 -155
  141. package/src/bmad-plus/packs/pack-shield/references/itar/compliance-program.md +174 -174
  142. package/src/bmad-plus/packs/pack-shield/references/itar/licensing-guide.md +146 -146
  143. package/src/bmad-plus/packs/pack-shield/references/itar/usml-categories.md +93 -93
  144. package/src/bmad-plus/packs/pack-shield/references/lgpd/anpd-enforcement.md +147 -147
  145. package/src/bmad-plus/packs/pack-shield/references/lgpd/compliance-program.md +272 -272
  146. package/src/bmad-plus/packs/pack-shield/references/lgpd/lgpd-articles.md +271 -271
  147. package/src/bmad-plus/packs/pack-shield/references/nis2/article-21-measures.md +153 -153
  148. package/src/bmad-plus/packs/pack-shield/references/nis2/iso27001-nis2-mapping.md +68 -68
  149. package/src/bmad-plus/packs/pack-shield/references/nist-800-53/assessment-rmf.md +349 -349
  150. package/src/bmad-plus/packs/pack-shield/references/nist-800-53/baselines-tailoring.md +277 -277
  151. package/src/bmad-plus/packs/pack-shield/references/nist-800-53/control-families.md +450 -450
  152. package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-core.md +361 -361
  153. package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-profiles.md +192 -192
  154. package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-10-to-20-mapping.md +143 -143
  155. package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-20-functions-categories.md +278 -278
  156. package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-implementation-tiers.md +135 -135
  157. package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-requirements.md +366 -366
  158. package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-saq-guide.md +217 -217
  159. package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-v4-changes.md +190 -190
  160. package/src/bmad-plus/packs/pack-shield/references/section-508/wcag-mapping.md +160 -160
  161. package/src/bmad-plus/packs/pack-shield/references/soc2/controls.md +241 -241
  162. package/src/bmad-plus/packs/pack-shield/references/soc2/evidence.md +236 -236
  163. package/src/bmad-plus/packs/pack-shield/references/soc2/policies.md +254 -254
  164. package/src/bmad-plus/packs/pack-shield/references/soc2/vendor.md +276 -276
  165. package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-assessment.md +202 -202
  166. package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-controls.md +545 -545
  167. package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-crmp-requirements.md +359 -359
  168. package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-directives-overview.md +187 -187
  169. package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-incident-reporting.md +187 -187
  170. package/src/bmad-plus/packs/pack-shield/references/wcag/criteria-detail.md +510 -510
  171. package/src/bmad-plus/packs/pack-shield/shared/audit-report-template.md +103 -103
  172. package/src/bmad-plus/packs/pack-shield/shared/cross-framework-mapper.md +103 -103
  173. package/src/bmad-plus/packs/pack-shield/shared/gap-analysis-template.md +83 -83
  174. package/src/bmad-plus/packs/pack-shield/shield-orchestrator.md +229 -229
  175. package/src/bmad-plus/packs/pack-shield/upstream-sync.yaml +68 -68
  176. package/src/bmad-plus/skills/bmad-plus-autopilot/SKILL.md +99 -99
  177. package/src/bmad-plus/skills/bmad-plus-parallel/SKILL.md +93 -93
  178. package/src/bmad-plus/skills/bmad-plus-sync/SKILL.md +69 -69
  179. package/tools/bmad-plus-npx.js +3 -5
  180. package/tools/cli/bmad-plus-cli.js +5 -3
  181. package/tools/cli/commands/autoconfig.js +18 -61
  182. package/tools/cli/commands/doctor.js +30 -31
  183. package/tools/cli/commands/install.js +33 -343
  184. package/tools/cli/commands/memory.js +1 -0
  185. package/tools/cli/commands/scan.js +61 -74
  186. package/tools/cli/commands/uninstall.js +7 -4
  187. package/tools/cli/commands/update.js +15 -72
  188. package/tools/cli/i18n.js +92 -10
  189. package/tools/cli/lib/ide-config.js +259 -0
  190. package/tools/cli/lib/memory-init.js +113 -0
  191. package/tools/cli/lib/pack-copy.js +84 -0
  192. package/tools/cli/lib/packs.js +114 -0
  193. package/tools/cli/lib/stack-detect.js +102 -0
  194. package/tools/cli/lib/validate.js +45 -0
  195. package/src/bmad-plus/agents/pack-animated/animated-website-agent.md +0 -325
  196. package/src/bmad-plus/agents/pack-animated/templates/animated-website-workflow.md +0 -55
  197. package/src/bmad-plus/agents/pack-backup/backup-agent.md +0 -71
  198. package/src/bmad-plus/agents/pack-backup/templates/backup-workflow.md +0 -51
  199. package/src/bmad-plus/agents/pack-seo/SKILL.md +0 -171
  200. package/src/bmad-plus/agents/pack-seo/checklist.md +0 -140
  201. package/src/bmad-plus/agents/pack-seo/pagespeed-playbook.md +0 -320
  202. package/src/bmad-plus/agents/pack-seo/ref/audit-schema.json +0 -187
  203. package/src/bmad-plus/agents/pack-seo/ref/cwv-thresholds.md +0 -87
  204. package/src/bmad-plus/agents/pack-seo/ref/eeat-criteria.md +0 -123
  205. package/src/bmad-plus/agents/pack-seo/ref/geo-signals.md +0 -167
  206. package/src/bmad-plus/agents/pack-seo/ref/hreflang-rules.md +0 -153
  207. package/src/bmad-plus/agents/pack-seo/ref/quality-gates.md +0 -133
  208. package/src/bmad-plus/agents/pack-seo/ref/schema-catalog.md +0 -91
  209. package/src/bmad-plus/agents/pack-seo/ref/schema-templates.json +0 -356
  210. package/src/bmad-plus/agents/pack-seo/seo-chief.md +0 -294
  211. package/src/bmad-plus/agents/pack-seo/seo-judge.md +0 -241
  212. package/src/bmad-plus/agents/pack-seo/seo-scout.md +0 -171
  213. package/src/bmad-plus/agents/pack-seo/templates/seo-audit-workflow.md +0 -241
@@ -1,207 +1,207 @@
1
- # EAR License Exceptions — Complete Reference (15 CFR Part 740)
2
-
3
- ## How License Exceptions Work
4
-
5
- A license exception is an authorization in the EAR that allows you to export, reexport, or transfer (in-country) items subject to the EAR **without a license** when the conditions of the exception are met. Using a license exception:
6
- - Certifies that all terms and conditions of the exception have been met
7
- - Does **not** apply when: (a) BIS has issued a denial order, (b) the destination is embargoed, (c) a WMD end-use is involved, (d) the party is on the Entity List (unless the exception is expressly permitted)
8
-
9
- **Global restrictions on all license exceptions (§ 740.2):**
10
- - Cannot be used to supply weapons of mass destruction programmes
11
- - Cannot be used by or to Denied Persons List parties
12
- - Cannot be used for prohibited end-uses under Part 744
13
- - Cannot override UN Security Council arms embargoes (Part 746)
14
-
15
- ---
16
-
17
- ## List-Based License Exceptions
18
-
19
- These exceptions are only available when the CCL entry for the specific ECCN expressly authorizes them. Check the CCL entry column "License Exceptions" to see which are available.
20
-
21
- ### LVS — Shipments of Limited Value (§ 740.3)
22
-
23
- **Scope:** Low-value shipments of eligible commodities and software
24
- **Condition:** The value of the shipment must not exceed the per-shipment dollar threshold listed in the ECCN entry (typically $500–$5,000 depending on ECCN)
25
- **Restrictions:**
26
- - Not available for items requiring review for nuclear, missile, chemical/biological, or crime control reasons
27
- - Not available for exports to Country Groups D or E
28
- - Aggregate annual reporting requirement for some items (§ 743.1)
29
- **Recordkeeping:** Retain documentation of the value and ECCN for 5 years
30
- **Tip:** The LVS threshold is per-shipment, not per-year. Cannot split shipments to stay under threshold.
31
-
32
- ---
33
-
34
- ### GBS — Group B Shipments (§ 740.4)
35
-
36
- **Scope:** Items controlled **for national security (NS) reasons only** exported to Country Group B countries
37
- **Key identifier:** The CCL entry must say "GBS—Yes" in the License Exceptions column
38
- **Conditions:**
39
- - Destination must be Country Group B (listed in Supplement 1, Part 740)
40
- - Only applies when NS is the **sole** reason for control — if CB, MT, NP, or other reasons also apply, GBS is unavailable
41
- - Item cannot be destined for a prohibited end-use or restricted party
42
- **Common uses:** Dual-use electronics, test equipment, and materials destined for commercial use in allied countries
43
-
44
- ---
45
-
46
- ### CIV — Civil End-Users (§ 740.5)
47
-
48
- **Scope:** NS-only controlled items exported for **civil end-use** to Country Group D:1 countries
49
- **Key identifier:** CCL entry must say "CIV—Yes"
50
- **Conditions:**
51
- - End-use must be strictly civil (not military, intelligence, or security services)
52
- - Exporter must obtain a **written end-user/end-use statement** from the buyer certifying civil use
53
- - Enhanced due diligence required — actual knowledge or reason to know of military diversion triggers denial
54
- **High-risk alert:** China and Russia are Country Group D:1; this exception is narrow and heavily scrutinised by BIS
55
-
56
- ---
57
-
58
- ### APP — Adjusted Peak Performance Computers (§ 740.7)
59
-
60
- **Scope:** Certain computer items (ECCN 4A003) at specified performance levels
61
- **Conditions:** Performance (APP, measured in TP) must not exceed the thresholds set in the CCL entry for the destination country group
62
- **Tiered thresholds:** APP thresholds differ for Country Groups A, B, and D destinations
63
- **Not available for:** Embargoed countries or military end-users
64
-
65
- ---
66
-
67
- ### TSR — Technology and Software under Restriction (§ 740.6)
68
-
69
- **Scope:** Technology and software controlled **for NS reasons only** to Country Group B
70
- **Key identifier:** CCL entry must say "TSR—Yes"
71
- **Conditions:**
72
- - Destination is Country Group B
73
- - Item is technology or software (Product Group D or E)
74
- - NS is the sole RFC
75
- **Common uses:** Exporting software documentation, operating manuals, or technical data to allies/partners in Country Group B
76
-
77
- ---
78
-
79
- ## Non-List-Based License Exceptions
80
-
81
- These exceptions authorize exports **regardless** of whether the CCL entry lists them. They override the CCL for specific categories of transactions.
82
-
83
- ---
84
-
85
- ### TMP — Temporary Imports/Exports (§ 740.9)
86
-
87
- **Scope:** Items exported temporarily from the US and returned without transfer of title or ownership
88
- **Conditions:**
89
- - Item must be returned to the US within **12 months** (or the period specified by BIS)
90
- - No permanent transfer of the item to the foreign consignee
91
- - Cannot be used for embargoed countries or restricted parties
92
- - Covers: trade show demonstrations, testing abroad, tools/equipment used on a project
93
- **Documentation required:** Statement that the item is being exported temporarily and will return; must track item and maintain records
94
- **Common uses:** R&D equipment for offshore testing, display units at international trade fairs, laptops/equipment carried by travelling employees
95
-
96
- ---
97
-
98
- ### RPL — Servicing and Replacement Parts (§ 740.10)
99
-
100
- **Scope:** Replacement parts, components, and assemblies for items previously legally exported
101
- **Conditions:**
102
- - Original export must have been licensed or authorized
103
- - One-for-one replacement — the old part must be returned or certified as destroyed
104
- - Cannot be used for embargoed countries or denied parties
105
- - Not available for items with proliferation controls (CB, MT, NP) without checking CCL
106
- **Common uses:** Exporting replacement circuit boards or components to repair previously exported equipment
107
-
108
- ---
109
-
110
- ### GOV — Governments (§ 740.11)
111
-
112
- **Scope:** Exports to US government agencies, cooperating governments, and certain international organisations
113
- **Four paragraphs:**
114
- - **(a)** Exports for US government agencies (military, intelligence, diplomatic) — broad coverage
115
- - **(b)** Exports to cooperating governments for legitimate government use — requires government-to-government verification
116
- - **(c)** Exports for international inspections (Chemical Weapons Convention verification missions)
117
- - **(d)** Exports for the International Space Station programme
118
- **Restrictions:** Must verify the end-user is an actual government entity; diversion to commercial entities voids the exception
119
- **High-value exception:** Frequently used by defence contractors and government-facing technology suppliers
120
-
121
- ---
122
-
123
- ### TSU — Technology and Software Unrestricted (§ 740.13)
124
-
125
- **Scope:** Publicly available technology and software
126
- **Three paragraphs:**
127
- - **(a) Mass-market software:** Software available to anyone without restriction (retail/internet)
128
- - **(b) Publicly available technology:** Information in the public domain — published research, textbooks, technical manuals freely available
129
- - **(c) Pre-release software:** Beta/evaluation software distributed to developers for feedback
130
- **Key rule:** The **fundamental research exclusion** (§ 734.8) removes most university research from EAR jurisdiction entirely — TSU covers the remainder
131
- **Important:** Technology that is NOT publicly available cannot use TSU, even if widely shared within a company
132
-
133
- ---
134
-
135
- ### ENC — Encryption Items (§ 740.17)
136
-
137
- **Scope:** Encryption commodities, software, and technology (primarily ECCN 5E002 and 5D002)
138
- **Structure:** Three tiers based on encryption strength and market availability:
139
- - **Tier 1 (§ 740.17(a)):** Mass market encryption (AES-256, standard protocols) — eligible after one-time BIS notification; reexportable to most Country Group B
140
- - **Tier 2 (§ 740.17(b)(1)):** Source code for mass-market products — one-time BIS notification
141
- - **Tier 3 (§ 740.17(b)(3)):** Non-standard or proprietary encryption — annual self-classification report
142
- **Prior notification required:** File Form BIS-748P-A via SNAP-R before first use
143
- **NOT available for:** Cuba, North Korea, Iran, Syria (E:1 countries) for most encryption items
144
- **Common uses:** Exporting commercial VPN software, SSL/TLS libraries, encrypted mobile apps, and security products
145
-
146
- ---
147
-
148
- ### BAG — Baggage (§ 740.14)
149
-
150
- **Scope:** Personal items in traveller's baggage or household effects
151
- **Conditions:**
152
- - Items must be for personal use, not for resale or transfer
153
- - Computer performance limitations apply (laptops within APP thresholds)
154
- - Personal defence items (shotguns, ammunition) have specific limitations
155
- - Not available for embargoed countries
156
- **Practical note:** Employees travelling with company laptops containing controlled technical data should confirm the laptop falls within BAG conditions; country-specific controls may still apply
157
-
158
- ---
159
-
160
- ### AVS — Aircraft and Vessels (§ 740.15)
161
-
162
- **Scope:** Items exported on aircraft or vessels of non-US registry for use on that aircraft or vessel
163
- **Conditions:**
164
- - Items must be for use aboard the aircraft or vessel (fuel, spare parts, equipment)
165
- - The vessel/aircraft must be legal and not destined for prohibited parties
166
- - Specific rules apply for aircraft flying into embargoed country airspace
167
- **Common uses:** Aviation parts, marine equipment, aircraft repair kits exported on the vessel they will service
168
-
169
- ---
170
-
171
- ### ACE — Additional Permissive Reexports (§ 740.16)
172
-
173
- **Scope:** Reexports of certain controlled items from Country Group A or B countries
174
- **Conditions:** The original export from the US must have been authorized; subsequent reexports within specified country groups may use ACE
175
- **Limitation:** Only available for items with NS or AT controls; not for items with proliferation controls
176
-
177
- ---
178
-
179
- ### GFT — Gift Parcels (§ 740.12)
180
-
181
- **Scope:** Gifts sent by individual US citizens/residents to individuals in embargoed countries
182
- **Conditions:** Strict value and content limits; not for commercial shipments; recipient must be an individual (not an entity)
183
- **Primarily used for:** Cuba — specific limits on food, medicine, personal items
184
-
185
- ---
186
-
187
- ## License Exception Recordkeeping (§ 762.2)
188
-
189
- When using any license exception, retain:
190
- 1. The invoice or order showing the ECCN, description, and value
191
- 2. The license exception symbol used (e.g., "LVS", "ENC")
192
- 3. Any required end-user statement or certification
193
- 4. EEI filing (if required under § 758.1)
194
- 5. Denied party screening records and date of screening
195
-
196
- Retention period: **5 years** from date of export (§ 762.6)
197
-
198
- ---
199
-
200
- ## AES/EEI Filing Requirements (Part 758)
201
-
202
- Electronic Export Information (EEI) filing via AES (Automated Export System) is required when:
203
- - The value of the shipment exceeds **$2,500** per Schedule B number and the destination is outside Canada
204
- - A BIS license is used (always file regardless of value)
205
- - Certain license exceptions require filing (check § 758.1 and the specific exception)
206
-
207
- Cite the license exception symbol or license number in the EEI filing under the license code field.
1
+ # EAR License Exceptions — Complete Reference (15 CFR Part 740)
2
+
3
+ ## How License Exceptions Work
4
+
5
+ A license exception is an authorization in the EAR that allows you to export, reexport, or transfer (in-country) items subject to the EAR **without a license** when the conditions of the exception are met. Using a license exception:
6
+ - Certifies that all terms and conditions of the exception have been met
7
+ - Does **not** apply when: (a) BIS has issued a denial order, (b) the destination is embargoed, (c) a WMD end-use is involved, (d) the party is on the Entity List (unless the exception is expressly permitted)
8
+
9
+ **Global restrictions on all license exceptions (§ 740.2):**
10
+ - Cannot be used to supply weapons of mass destruction programmes
11
+ - Cannot be used by or to Denied Persons List parties
12
+ - Cannot be used for prohibited end-uses under Part 744
13
+ - Cannot override UN Security Council arms embargoes (Part 746)
14
+
15
+ ---
16
+
17
+ ## List-Based License Exceptions
18
+
19
+ These exceptions are only available when the CCL entry for the specific ECCN expressly authorizes them. Check the CCL entry column "License Exceptions" to see which are available.
20
+
21
+ ### LVS — Shipments of Limited Value (§ 740.3)
22
+
23
+ **Scope:** Low-value shipments of eligible commodities and software
24
+ **Condition:** The value of the shipment must not exceed the per-shipment dollar threshold listed in the ECCN entry (typically $500–$5,000 depending on ECCN)
25
+ **Restrictions:**
26
+ - Not available for items requiring review for nuclear, missile, chemical/biological, or crime control reasons
27
+ - Not available for exports to Country Groups D or E
28
+ - Aggregate annual reporting requirement for some items (§ 743.1)
29
+ **Recordkeeping:** Retain documentation of the value and ECCN for 5 years
30
+ **Tip:** The LVS threshold is per-shipment, not per-year. Cannot split shipments to stay under threshold.
31
+
32
+ ---
33
+
34
+ ### GBS — Group B Shipments (§ 740.4)
35
+
36
+ **Scope:** Items controlled **for national security (NS) reasons only** exported to Country Group B countries
37
+ **Key identifier:** The CCL entry must say "GBS—Yes" in the License Exceptions column
38
+ **Conditions:**
39
+ - Destination must be Country Group B (listed in Supplement 1, Part 740)
40
+ - Only applies when NS is the **sole** reason for control — if CB, MT, NP, or other reasons also apply, GBS is unavailable
41
+ - Item cannot be destined for a prohibited end-use or restricted party
42
+ **Common uses:** Dual-use electronics, test equipment, and materials destined for commercial use in allied countries
43
+
44
+ ---
45
+
46
+ ### CIV — Civil End-Users (§ 740.5)
47
+
48
+ **Scope:** NS-only controlled items exported for **civil end-use** to Country Group D:1 countries
49
+ **Key identifier:** CCL entry must say "CIV—Yes"
50
+ **Conditions:**
51
+ - End-use must be strictly civil (not military, intelligence, or security services)
52
+ - Exporter must obtain a **written end-user/end-use statement** from the buyer certifying civil use
53
+ - Enhanced due diligence required — actual knowledge or reason to know of military diversion triggers denial
54
+ **High-risk alert:** China and Russia are Country Group D:1; this exception is narrow and heavily scrutinised by BIS
55
+
56
+ ---
57
+
58
+ ### APP — Adjusted Peak Performance Computers (§ 740.7)
59
+
60
+ **Scope:** Certain computer items (ECCN 4A003) at specified performance levels
61
+ **Conditions:** Performance (APP, measured in TP) must not exceed the thresholds set in the CCL entry for the destination country group
62
+ **Tiered thresholds:** APP thresholds differ for Country Groups A, B, and D destinations
63
+ **Not available for:** Embargoed countries or military end-users
64
+
65
+ ---
66
+
67
+ ### TSR — Technology and Software under Restriction (§ 740.6)
68
+
69
+ **Scope:** Technology and software controlled **for NS reasons only** to Country Group B
70
+ **Key identifier:** CCL entry must say "TSR—Yes"
71
+ **Conditions:**
72
+ - Destination is Country Group B
73
+ - Item is technology or software (Product Group D or E)
74
+ - NS is the sole RFC
75
+ **Common uses:** Exporting software documentation, operating manuals, or technical data to allies/partners in Country Group B
76
+
77
+ ---
78
+
79
+ ## Non-List-Based License Exceptions
80
+
81
+ These exceptions authorize exports **regardless** of whether the CCL entry lists them. They override the CCL for specific categories of transactions.
82
+
83
+ ---
84
+
85
+ ### TMP — Temporary Imports/Exports (§ 740.9)
86
+
87
+ **Scope:** Items exported temporarily from the US and returned without transfer of title or ownership
88
+ **Conditions:**
89
+ - Item must be returned to the US within **12 months** (or the period specified by BIS)
90
+ - No permanent transfer of the item to the foreign consignee
91
+ - Cannot be used for embargoed countries or restricted parties
92
+ - Covers: trade show demonstrations, testing abroad, tools/equipment used on a project
93
+ **Documentation required:** Statement that the item is being exported temporarily and will return; must track item and maintain records
94
+ **Common uses:** R&D equipment for offshore testing, display units at international trade fairs, laptops/equipment carried by travelling employees
95
+
96
+ ---
97
+
98
+ ### RPL — Servicing and Replacement Parts (§ 740.10)
99
+
100
+ **Scope:** Replacement parts, components, and assemblies for items previously legally exported
101
+ **Conditions:**
102
+ - Original export must have been licensed or authorized
103
+ - One-for-one replacement — the old part must be returned or certified as destroyed
104
+ - Cannot be used for embargoed countries or denied parties
105
+ - Not available for items with proliferation controls (CB, MT, NP) without checking CCL
106
+ **Common uses:** Exporting replacement circuit boards or components to repair previously exported equipment
107
+
108
+ ---
109
+
110
+ ### GOV — Governments (§ 740.11)
111
+
112
+ **Scope:** Exports to US government agencies, cooperating governments, and certain international organisations
113
+ **Four paragraphs:**
114
+ - **(a)** Exports for US government agencies (military, intelligence, diplomatic) — broad coverage
115
+ - **(b)** Exports to cooperating governments for legitimate government use — requires government-to-government verification
116
+ - **(c)** Exports for international inspections (Chemical Weapons Convention verification missions)
117
+ - **(d)** Exports for the International Space Station programme
118
+ **Restrictions:** Must verify the end-user is an actual government entity; diversion to commercial entities voids the exception
119
+ **High-value exception:** Frequently used by defence contractors and government-facing technology suppliers
120
+
121
+ ---
122
+
123
+ ### TSU — Technology and Software Unrestricted (§ 740.13)
124
+
125
+ **Scope:** Publicly available technology and software
126
+ **Three paragraphs:**
127
+ - **(a) Mass-market software:** Software available to anyone without restriction (retail/internet)
128
+ - **(b) Publicly available technology:** Information in the public domain — published research, textbooks, technical manuals freely available
129
+ - **(c) Pre-release software:** Beta/evaluation software distributed to developers for feedback
130
+ **Key rule:** The **fundamental research exclusion** (§ 734.8) removes most university research from EAR jurisdiction entirely — TSU covers the remainder
131
+ **Important:** Technology that is NOT publicly available cannot use TSU, even if widely shared within a company
132
+
133
+ ---
134
+
135
+ ### ENC — Encryption Items (§ 740.17)
136
+
137
+ **Scope:** Encryption commodities, software, and technology (primarily ECCN 5E002 and 5D002)
138
+ **Structure:** Three tiers based on encryption strength and market availability:
139
+ - **Tier 1 (§ 740.17(a)):** Mass market encryption (AES-256, standard protocols) — eligible after one-time BIS notification; reexportable to most Country Group B
140
+ - **Tier 2 (§ 740.17(b)(1)):** Source code for mass-market products — one-time BIS notification
141
+ - **Tier 3 (§ 740.17(b)(3)):** Non-standard or proprietary encryption — annual self-classification report
142
+ **Prior notification required:** File Form BIS-748P-A via SNAP-R before first use
143
+ **NOT available for:** Cuba, North Korea, Iran, Syria (E:1 countries) for most encryption items
144
+ **Common uses:** Exporting commercial VPN software, SSL/TLS libraries, encrypted mobile apps, and security products
145
+
146
+ ---
147
+
148
+ ### BAG — Baggage (§ 740.14)
149
+
150
+ **Scope:** Personal items in traveller's baggage or household effects
151
+ **Conditions:**
152
+ - Items must be for personal use, not for resale or transfer
153
+ - Computer performance limitations apply (laptops within APP thresholds)
154
+ - Personal defence items (shotguns, ammunition) have specific limitations
155
+ - Not available for embargoed countries
156
+ **Practical note:** Employees travelling with company laptops containing controlled technical data should confirm the laptop falls within BAG conditions; country-specific controls may still apply
157
+
158
+ ---
159
+
160
+ ### AVS — Aircraft and Vessels (§ 740.15)
161
+
162
+ **Scope:** Items exported on aircraft or vessels of non-US registry for use on that aircraft or vessel
163
+ **Conditions:**
164
+ - Items must be for use aboard the aircraft or vessel (fuel, spare parts, equipment)
165
+ - The vessel/aircraft must be legal and not destined for prohibited parties
166
+ - Specific rules apply for aircraft flying into embargoed country airspace
167
+ **Common uses:** Aviation parts, marine equipment, aircraft repair kits exported on the vessel they will service
168
+
169
+ ---
170
+
171
+ ### ACE — Additional Permissive Reexports (§ 740.16)
172
+
173
+ **Scope:** Reexports of certain controlled items from Country Group A or B countries
174
+ **Conditions:** The original export from the US must have been authorized; subsequent reexports within specified country groups may use ACE
175
+ **Limitation:** Only available for items with NS or AT controls; not for items with proliferation controls
176
+
177
+ ---
178
+
179
+ ### GFT — Gift Parcels (§ 740.12)
180
+
181
+ **Scope:** Gifts sent by individual US citizens/residents to individuals in embargoed countries
182
+ **Conditions:** Strict value and content limits; not for commercial shipments; recipient must be an individual (not an entity)
183
+ **Primarily used for:** Cuba — specific limits on food, medicine, personal items
184
+
185
+ ---
186
+
187
+ ## License Exception Recordkeeping (§ 762.2)
188
+
189
+ When using any license exception, retain:
190
+ 1. The invoice or order showing the ECCN, description, and value
191
+ 2. The license exception symbol used (e.g., "LVS", "ENC")
192
+ 3. Any required end-user statement or certification
193
+ 4. EEI filing (if required under § 758.1)
194
+ 5. Denied party screening records and date of screening
195
+
196
+ Retention period: **5 years** from date of export (§ 762.6)
197
+
198
+ ---
199
+
200
+ ## AES/EEI Filing Requirements (Part 758)
201
+
202
+ Electronic Export Information (EEI) filing via AES (Automated Export System) is required when:
203
+ - The value of the shipment exceeds **$2,500** per Schedule B number and the destination is outside Canada
204
+ - A BIS license is used (always file regardless of value)
205
+ - Certain license exceptions require filing (check § 758.1 and the specific exception)
206
+
207
+ Cite the license exception symbol or license number in the EEI filing under the license code field.