...
same policy/licence across projects in the product vs differentiated project policies
Interpreting Risk
...
Report
The Risk Report is a tool that provides a view of all aspects of open-source libraries concerning their licenses, security, quality and compliance.
...
Click Export to PDF at the top right of the report and export the Risk report as a PDF file.
Interpreting License Compatibility Report
The License Compatibility Report provides information on the compatibility of libraries with different software licenses distributed together in the same product or project.
Creating the Report
- The report is available from the "Reports" menu.
Select the scope for which the report should be created - open the dropdown menu next to the report name and select the product or specific project on which you want to base the report
- Click Apply and wait for the data to load into the report preview table.
Understanding the Report Data
The License Compatibility Report provides the following columns of information in a table:
Library - the name of the open source library that has a license conflict
Licence - the library's license
Incompatible with Licence - the licence to which the library's licence is incompatible
Incompatibility Type - displays the type of licence for which there is an actual, suspected or potential incompatibility:
Incompatible - the library’s licence is fundamentally incompatible and cannot be used under any circumstance
Suspected - a suspected incompatibility is displayed when the licence compatibility is dependent on the library’s hierarchy within the Product or Project, and the library’s hierarchy is unknown
Potential - the library being evaluated is licenced under multiple licenses, meaning that you can choose under which licence the library will be licensed
Incompatibility Occurrences - displays the number of libraries that include the suspected or actual incompatible licence. When the scope is a product, it also displays the number of projects that are impacted by the incompatibility
Customising visibility
The GEANT WhiteSource admins can always see all scanned GEANT products.
...