You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I made a policy to check for licenses which are not in an allowed-licenses license group.
This works. But I also get policy violations for internal components which either have no license or one that's not allowed for third-party components. Is there a good way to exclude them from the license policy?
I configured the internal components in "Administration > Internal Components". They're also marked as internal. But I don't see a possibility to exclude them from the policy.
Excluding them with an additional condition (like PURL does not match package xyz) works for excluding them. But now if I get a policy violation I don't get only one for my policy, I get one for every condition. One of risk type "License" and one of risk type "Operational" regarding the package match.
This for one doubles the amount of policy violations and it also doesn't make sense to have to accept a policy violation because a third-party component doesn't match our internal package namespace.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi
I made a policy to check for licenses which are not in an allowed-licenses license group.
This works. But I also get policy violations for internal components which either have no license or one that's not allowed for third-party components. Is there a good way to exclude them from the license policy?
I configured the internal components in "Administration > Internal Components". They're also marked as internal. But I don't see a possibility to exclude them from the policy.
Excluding them with an additional condition (like PURL does not match package xyz) works for excluding them. But now if I get a policy violation I don't get only one for my policy, I get one for every condition. One of risk type "License" and one of risk type "Operational" regarding the package match.
This for one doubles the amount of policy violations and it also doesn't make sense to have to accept a policy violation because a third-party component doesn't match our internal package namespace.
Any help would be appreciated.
Beta Was this translation helpful? Give feedback.
All reactions