...

same policy/licence across projects in the product vs differentiated project policies


Interpreting Risk

...

Report

The Risk Report is a tool that provides a view of all aspects of open-source libraries concerning their licenses, security, quality and compliance.

...

Click Export to PDF at the top right of the report to export the Risk Report as a PDF file.

Interpreting License Compatibility Report

The License Compatibility Report provides information on the compatibility of libraries with different software licenses distributed together in the same product or project. 

Creating the Report

  1. The report is available from the "Reports" menu. 
  2. Select the scope for which the report should be created: open the dropdown menu next to the report name and select the product or specific project on which you want to base the report.

  3. Click Apply and wait for the data to load into the report preview table.

Understanding the Report Data

The License Compatibility Report provides the following columns of information in a table:

  • Library - the name of the open source library that has a license conflict

  • Licence - the library's license

  • Incompatible with Licence - the licence with which the library's licence is incompatible

  • Incompatibility Type - displays whether the incompatibility is actual, suspected or potential:

    • Incompatible - the library’s licence is fundamentally incompatible and cannot be used under any circumstance

    • Suspected - a suspected incompatibility is displayed when the licence compatibility is dependent on the library’s hierarchy within the Product or Project, and the library’s hierarchy is unknown

    • Potential - the library being evaluated is licensed under multiple licences, meaning that you can choose under which licence the library will be licensed

  • Incompatibility Occurrences - displays the number of libraries that include the suspected or actual incompatible licence. When the scope is a product, it also displays the number of projects that are impacted by the incompatibility

Customising visibility

The GEANT WhiteSource admins can always see all scanned GEANT products.

...