Override License Classifications

Summary

Arnica can identify license risks and violations in 3rd party open source packages. By default, Arnica classifies the licenses according to Google's open source documentation, but also allows to override the licenses to fit each customer's needs. This page explains how to do it.

Licenses policy

License classification risks can be modified and individual licenses can be overridden with forbidden or allowed classification.

Modify license classification risk severity

  1. Navigate to the policies page and expand Code Risks and then Licenses.

  2. Change the risk severity any of the classification levels by clicking on the preferred risk severity chip.

License classification policy in Arnica
  1. Click on Save in the bottom of the policy section.

Override forbidden & approved licenses

  1. Navigate to the policies page and expand Code Risks and then Licenses.

  2. Click on the + next to the license that needs to be explicitly forbidden or approved.

  3. Select the license by browsing through all licenses or searching at the top of the message box.

License override search
  1. The selected licenses will appear in the overrides section. Validate the licenses and click on Save in the bottom of the policy section.

Overridden licenses

Last updated

Was this helpful?