search

Override License Classifications

hashtag
Summary

Arnica can identify license risks and violations in 3rd party open source packages. By default, Arnica classifies the licenses according to Google's open source documentationarrow-up-right, but also allows to override the licenses to fit each customer's needs. This page explains how to do it.

hashtag
Licenses policy

License classification risks can be modified and individual licenses can be overridden with forbidden or allowed classification.

circle-exclamation

The changes described in the sections below will be reflected the next time full source code scan is performed (daily on paid plans) or in the next event triggered by the code risk policy, such as a code push or a pull request.

hashtag
Modify license classification risk severity

  1. Navigate to the policies pagearrow-up-right and expand Code Risks and then Licenses.

  2. Change the risk severity any of the classification levels by clicking on the preferred risk severity chip.

License classification policy in Arnica

  1. Click on Save in the bottom of the policy section.

hashtag
Override forbidden & approved licenses

  1. Navigate to the policies pagearrow-up-right and expand Code Risks and then Licenses.

  2. Click on the + next to the license that needs to be explicitly forbidden or approved.

  3. Select the license by browsing through all licenses or searching at the top of the message box.

License override search

  1. The selected licenses will appear in the overrides section. Validate the licenses and click on Save in the bottom of the policy section.

Overridden licenses
Previous3rd Party Package LicensesNext3rd Party Package Reputation

Last updated

Was this helpful?