Scan Report

Created by ORT, the OSS Review Toolkit, version cc543c9380-dirty on 2023-04-02T17:24:33.167301390Z.

Project

Scanned revision d405343549e12f42a5afe4a999628f14ec06ac44 of Git repository https://github.com/adoptium/aqa-tests.git

Index

Rule Violation Summary (7 errors, 11 warnings, 18 hints to resolve)
PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44
Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44
Repository Configuration

Rule Violation Summary (7 errors, 11 warnings, 18 hints to resolve)

#	Rule	Package	License	Message
1	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::certifi:2022.12.7	DECLARED: MPL-2.0	The outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is incompatible with the inbound license MPL-2.0 of its dependency 'PyPI::certifi:2022.12.7'. Software under a copyleft license such as the MPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'PyPI::certifi:2022.12.7' or put 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' under a different license.
2	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::certifi:2022.12.7	DETECTED: MPL-2.0	The outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is incompatible with the inbound license MPL-2.0 of its dependency 'PyPI::certifi:2022.12.7'. Software under a copyleft license such as the MPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'PyPI::certifi:2022.12.7' or put 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' under a different license.
3	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::charset-normalizer:3.1.0	DETECTED: LGPL-2.1-only	The outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is incompatible with the inbound license LGPL-2.1-only of its dependency 'PyPI::charset-normalizer:3.1.0'. Software under a copyleft license such as the LGPL-2.1-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'PyPI::charset-normalizer:3.1.0' or put 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' under a different license.
4	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::charset-normalizer:3.1.0	DETECTED: MPL-1.1	The outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is incompatible with the inbound license MPL-1.1 of its dependency 'PyPI::charset-normalizer:3.1.0'. Software under a copyleft license such as the MPL-1.1 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'PyPI::charset-normalizer:3.1.0' or put 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' under a different license.
5	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::lxml:4.9.2	DETECTED: GPL-1.0-or-later	The outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is incompatible with the inbound license GPL-1.0-or-later of its dependency 'PyPI::lxml:4.9.2'. Software under a copyleft license such as the GPL-1.0-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'PyPI::lxml:4.9.2' or put 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' under a different license.
6	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::lxml:4.9.2	DETECTED: GPL-2.0-only	The outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is incompatible with the inbound license GPL-2.0-only of its dependency 'PyPI::lxml:4.9.2'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'PyPI::lxml:4.9.2' or put 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' under a different license.
7	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::lxml:4.9.2	DETECTED: GPL-2.0-or-later	The outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is incompatible with the inbound license GPL-2.0-or-later of its dependency 'PyPI::lxml:4.9.2'. Software under a copyleft license such as the GPL-2.0-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'PyPI::lxml:4.9.2' or put 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' under a different license.
8	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::charset-normalizer:3.1.0	DETECTED: CC-BY-SA-3.0	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license CC-BY-SA-3.0 of its dependency 'PyPI::charset-normalizer:3.1.0'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
9	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::charset-normalizer:3.1.0	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'PyPI::charset-normalizer:3.1.0'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
10	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::charset-normalizer:3.1.0	DETECTED: NOASSERTION	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license NOASSERTION of its dependency 'PyPI::charset-normalizer:3.1.0'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
11	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::idna:3.4	DETECTED: LicenseRef-scancode-unicode	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license LicenseRef-scancode-unicode of its dependency 'PyPI::idna:3.4'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
12	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::lxml:4.9.2	DETECTED: LicenseRef-scancode-proprietary-license	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license LicenseRef-scancode-proprietary-license of its dependency 'PyPI::lxml:4.9.2'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
13	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::lxml:4.9.2	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'PyPI::lxml:4.9.2'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
14	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::lxml:4.9.2	DETECTED: LicenseRef-scancode-secret-labs-2011	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license LicenseRef-scancode-secret-labs-2011 of its dependency 'PyPI::lxml:4.9.2'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
15	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::lxml:4.9.2	DETECTED: NOASSERTION	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license NOASSERTION of its dependency 'PyPI::lxml:4.9.2'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
16	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::requests:2.28.2	DETECTED: LGPL-2.0-or-later	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license LGPL-2.0-or-later of its dependency 'PyPI::requests:2.28.2'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
17	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::requests:2.28.2	DETECTED: NOASSERTION	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license NOASSERTION of its dependency 'PyPI::requests:2.28.2'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
18	OSADL_PROJECT_LICENSE_COMPATIBILITY	PyPI::urllib3:1.26.15	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'PyPI::urllib3:1.26.15'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
19	DEPENDENCY_LICENSE_CHECK	PyPI::certifi:2022.12.7	DETECTED: Python-2.0	License Python-2.0 of dependency 'PyPI::certifi:2022.12.7' is unclassified. How to fix Classify Python-2.0 as either approved or restricted.
20	DEPENDENCY_LICENSE_CHECK	PyPI::charset-normalizer:3.1.0	DETECTED: LicenseRef-scancode-public-domain	License LicenseRef-scancode-public-domain of dependency 'PyPI::charset-normalizer:3.1.0' is unclassified. How to fix Classify LicenseRef-scancode-public-domain as either approved or restricted.
21	DEPENDENCY_LICENSE_CHECK	PyPI::charset-normalizer:3.1.0	DETECTED: NOASSERTION	License NOASSERTION of dependency 'PyPI::charset-normalizer:3.1.0' is unclassified. How to fix Classify NOASSERTION as either approved or restricted.
22	DEPENDENCY_LICENSE_CHECK	PyPI::idna:3.4	DETECTED: LicenseRef-scancode-unicode	License LicenseRef-scancode-unicode of dependency 'PyPI::idna:3.4' is unclassified. How to fix Classify LicenseRef-scancode-unicode as either approved or restricted.
23	DEPENDENCY_LICENSE_CHECK	PyPI::lxml:4.9.2	DETECTED: GPL-1.0-or-later	License GPL-1.0-or-later of dependency 'PyPI::lxml:4.9.2' is unclassified. How to fix Classify GPL-1.0-or-later as either approved or restricted.
24	DEPENDENCY_LICENSE_CHECK	PyPI::lxml:4.9.2	DETECTED: GPL-2.0-only	License GPL-2.0-only of dependency 'PyPI::lxml:4.9.2' is unclassified. How to fix Classify GPL-2.0-only as either approved or restricted.
25	DEPENDENCY_LICENSE_CHECK	PyPI::lxml:4.9.2	DETECTED: GPL-2.0-or-later	License GPL-2.0-or-later of dependency 'PyPI::lxml:4.9.2' is unclassified. How to fix Classify GPL-2.0-or-later as either approved or restricted.
26	DEPENDENCY_LICENSE_CHECK	PyPI::lxml:4.9.2	DETECTED: LicenseRef-scancode-proprietary-license	License LicenseRef-scancode-proprietary-license of dependency 'PyPI::lxml:4.9.2' is unclassified. How to fix Classify LicenseRef-scancode-proprietary-license as either approved or restricted.
27	DEPENDENCY_LICENSE_CHECK	PyPI::lxml:4.9.2	DETECTED: LicenseRef-scancode-public-domain	License LicenseRef-scancode-public-domain of dependency 'PyPI::lxml:4.9.2' is unclassified. How to fix Classify LicenseRef-scancode-public-domain as either approved or restricted.
28	DEPENDENCY_LICENSE_CHECK	PyPI::lxml:4.9.2	DETECTED: LicenseRef-scancode-secret-labs-2011	License LicenseRef-scancode-secret-labs-2011 of dependency 'PyPI::lxml:4.9.2' is unclassified. How to fix Classify LicenseRef-scancode-secret-labs-2011 as either approved or restricted.
29	DEPENDENCY_LICENSE_CHECK	PyPI::lxml:4.9.2	DETECTED: NOASSERTION	License NOASSERTION of dependency 'PyPI::lxml:4.9.2' is unclassified. How to fix Classify NOASSERTION as either approved or restricted.
30	DEPENDENCY_LICENSE_CHECK	PyPI::requests:2.28.2	DETECTED: NOASSERTION	License NOASSERTION of dependency 'PyPI::requests:2.28.2' is unclassified. How to fix Classify NOASSERTION as either approved or restricted.
31	DEPENDENCY_LICENSE_CHECK	PyPI::urllib3:1.26.15	DETECTED: LicenseRef-scancode-public-domain	License LicenseRef-scancode-public-domain of dependency 'PyPI::urllib3:1.26.15' is unclassified. How to fix Classify LicenseRef-scancode-public-domain as either approved or restricted.
32	DEPENDENCY_LICENSE_CHECK	PyPI::urllib3:1.26.15	DETECTED: Python-2.0	License Python-2.0 of dependency 'PyPI::urllib3:1.26.15' is unclassified. How to fix Classify Python-2.0 as either approved or restricted.
33	PROJECT_LICENSE_CHECK	Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44	DETECTED: Apache-2.0 WITH LicenseRef-scancode-commons-clause	License Apache-2.0 WITH LicenseRef-scancode-commons-clause of project 'Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44' is unclassified. How to fix Classify Apache-2.0 WITH LicenseRef-scancode-commons-clause as either approved or restricted.
34	PROJECT_LICENSE_CHECK	Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44	DETECTED: LicenseRef-scancode-unicode	License LicenseRef-scancode-unicode of project 'Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44' is unclassified. How to fix Classify LicenseRef-scancode-unicode as either approved or restricted.
35	PROJECT_LICENSE_CHECK	Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44	DETECTED: NAIST-2003	License NAIST-2003 of project 'Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44' is unclassified. How to fix Classify NAIST-2003 as either approved or restricted.
36	PROJECT_LICENSE_CHECK	Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44	DETECTED: NOASSERTION	License NOASSERTION of project 'Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44' is unclassified. How to fix Classify NOASSERTION as either approved or restricted.

PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44 (scripts/disabled_tests/requirements.txt)

VCS Information

Type	Git
URL	https://github.com/adoptium/aqa-tests.git
Path	scripts/disabled_tests
Revision	d405343549e12f42a5afe4a999628f14ec06ac44

Packages

#	Package	Scopes	Licenses
1	PIP::scripts/disabled_tests/requirements.txt:d405343549e12f42a5afe4a999628f14ec06ac44		Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 2 locations) Effective License: Apache-2.0
2	PyPI::certifi:2022.12.7	install	Declared Licenses: MPL-2.0 Detected Licenses (from artifact): MPL-2.0 Python-2.0 Effective License: MPL-2.0 AND Python-2.0
3	PyPI::charset-normalizer:3.1.0	install	Declared Licenses: MIT Detected Licenses (from VCS): CC-BY-SA-3.0 (link to the location) LGPL-2.1-only (link to the location) LicenseRef-scancode-public-domain (link to the location) MIT (exemplary link to the first of 6 locations) MPL-1.1 (link to the location) NOASSERTION (exemplary link to the first of 2 locations) Effective License: CC-BY-SA-3.0 AND LGPL-2.1-only AND LicenseRef-scancode-public-domain AND MIT AND MPL-1.1 AND NOASSERTION
4	PyPI::idna:3.4	install	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 4 locations) LicenseRef-scancode-unicode (link to the location) Effective License: BSD-3-Clause AND LicenseRef-scancode-unicode
5	PyPI::lxml:4.9.2	install	Declared Licenses: BSD-3-Clause Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 13 locations) GPL-1.0-or-later (exemplary link to the first of 3 locations) GPL-2.0-only (link to the location) GPL-2.0-or-later (link to the location) LicenseRef-scancode-proprietary-license (link to the location) LicenseRef-scancode-public-domain (link to the location) LicenseRef-scancode-secret-labs-2011 (exemplary link to the first of 4 locations) MIT (exemplary link to the first of 7 locations) NOASSERTION (exemplary link to the first of 7 locations) Zlib (exemplary link to the first of 5 locations) Effective License: BSD-3-Clause AND GPL-1.0-or-later AND GPL-2.0-only AND GPL-2.0-or-later AND LicenseRef-scancode-proprietary-license AND LicenseRef-scancode-public-domain AND LicenseRef-scancode-secret-labs-2011 AND MIT AND NOASSERTION AND Zlib
6	PyPI::requests:2.28.2	install	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 10 locations) BSD-2-Clause (link to the location) BSD-3-Clause (link to the location) ISC (exemplary link to the first of 2 locations) LGPL-2.0-or-later (exemplary link to the first of 2 locations) MIT (exemplary link to the first of 2 locations) NOASSERTION (exemplary link to the first of 4 locations) Effective License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND ISC AND LGPL-2.0-or-later AND MIT AND NOASSERTION
7	PyPI::urllib3:1.26.15	install	Declared Licenses: MIT Detected Licenses (from VCS): Apache-2.0 (link to the location) LicenseRef-scancode-public-domain (link to the location) MIT (exemplary link to the first of 10 locations) Python-2.0 (link to the location) Effective License: Apache-2.0 AND LicenseRef-scancode-public-domain AND MIT AND Python-2.0

Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44 ()

VCS Information

Type	Git
URL	https://github.com/adoptium/aqa-tests
Path
Revision	d405343549e12f42a5afe4a999628f14ec06ac44

Packages

#	Package	Scopes	Licenses	Analyzer Issues	Scanner Issues
1	Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44		Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 780 locations) Apache-2.0 WITH LicenseRef-scancode-commons-clause (exemplary link to the first of 2 locations) BSD-3-Clause (exemplary link to the first of 11 locations) CC-BY-SA-3.0 (link to the location) CC0-1.0 (exemplary link to the first of 6 locations) CDDL-1.0 (link to the location) CPL-1.0 (exemplary link to the first of 2 locations) LGPL-2.0-or-later (link to the location) LicenseRef-scancode-unicode (exemplary link to the first of 35 locations) MIT (exemplary link to the first of 2 locations) NAIST-2003 (link to the location) NOASSERTION (exemplary link to the first of 5 locations) Effective License: Apache-2.0 AND Apache-2.0 WITH LicenseRef-scancode-commons-clause AND BSD-3-Clause AND CC-BY-SA-3.0 AND CC0-1.0 AND CDDL-1.0 AND CPL-1.0 AND LGPL-2.0-or-later AND LicenseRef-scancode-unicode AND MIT AND NAIST-2003 AND NOASSERTION

Package

Scopes

Licenses

Analyzer Issues

Scanner Issues

Unmanaged::aqa-tests:d405343549e12f42a5afe4a999628f14ec06ac44

Detected Licenses (from VCS):

Apache-2.0 (exemplary link to the first of 780 locations)

Apache-2.0 WITH LicenseRef-scancode-commons-clause (exemplary link to the first of 2 locations)

BSD-3-Clause (exemplary link to the first of 11 locations)

CC-BY-SA-3.0 (link to the location)

CC0-1.0 (exemplary link to the first of 6 locations)

CDDL-1.0 (link to the location)

CPL-1.0 (exemplary link to the first of 2 locations)

LGPL-2.0-or-later (link to the location)

LicenseRef-scancode-unicode (exemplary link to the first of 35 locations)

MIT (exemplary link to the first of 2 locations)

NAIST-2003 (link to the location)

NOASSERTION (exemplary link to the first of 5 locations)

Effective License:

Apache-2.0 AND Apache-2.0 WITH LicenseRef-scancode-commons-clause AND BSD-3-Clause AND CC-BY-SA-3.0 AND CC0-1.0 AND CDDL-1.0 AND CPL-1.0 AND LGPL-2.0-or-later AND LicenseRef-scancode-unicode AND MIT AND NAIST-2003 AND NOASSERTION

Repository Configuration


---
excludes:
  paths:
  - pattern: "**/META-INF/DEPENDENCIES"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/META-INF/NOTICE*"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/*.svg"
    reason: "BUILD_TOOL_OF"
    comment: "SVG files do not contain any license information."
  - pattern: "package-lock.json"
    reason: "BUILD_TOOL_OF"
    comment: "Does not contain any license information."