Scan Report

Created by ORT, the OSS Review Toolkit, version cc543c9380-dirty on 2023-04-27T22:11:36.557522597Z.

Project

Scanned revision 18483f2aadaabc6fdb00ea47d32815457341e7f1 of Git repository https://github.com/eclipse-tractusx/charts.git

Index

Rule Violation Summary (23 errors, 85 warnings, 80 hints to resolve)
Issue Summary (1 errors, 0 warnings, 0 hints to resolve)
GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1
Unmanaged::charts:18483f2aadaabc6fdb00ea47d32815457341e7f1
Repository Configuration

Rule Violation Summary (23 errors, 85 warnings, 80 hints to resolve)

Issue Summary (1 errors, 0 warnings, 0 hints to resolve)

Issues from excluded components are not shown in this summary.

Packages

#	Package	Analyzer Issues	Scanner Issues
1	Go::github.com/google/go-github/v48:48.0.0		GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1 2023-04-27T19:51:43.051904603Z [ERROR]: scanner - Could not resolve provenance for package 'Go::github.com/google/go-github/v48:48.0.0': IOException: Could not resolve provenance for 'Go::github.com/google/go-github/v48:48.0.0' for source code origins [VCS, ARTIFACT]. Resolution of VCS failed with: IOException: Could not resolve revision for package 'Go::github.com/google/go-github/v48:48.0.0' with VcsInfo(type=Git, url=https://github.com/google/go-github.git, revision=v48.0.0, path=v48): Discarding revision 'v48.0.0' because the requested VCS path 'v48' does not exist.

GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1 (src/helmRepoIndex/go.mod)

VCS Information

Type	Git
URL	https://github.com/eclipse-tractusx/charts.git
Path	src/helmRepoIndex
Revision	18483f2aadaabc6fdb00ea47d32815457341e7f1

Packages

#	Package	Scopes	Licenses	Scanner Issues
1	GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1		Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 4 locations) Effective License: Apache-2.0
2	Go::github.com/Azure/go-ansiterm:0.0.0-20210617225240-d185dfc1b5a1	vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
3	Go::github.com/Masterminds/semver/v3:3.1.1	main vendor	Detected Licenses (from VCS): MIT (link to the location) Effective License: MIT
4	Go::github.com/PuerkitoBio/purell:1.1.1	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 2 locations) Effective License: BSD-3-Clause
5	Go::github.com/PuerkitoBio/urlesc:0.0.0-20170810143723-de5bf2ad4578	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 4 locations) Effective License: BSD-3-Clause
6	Go::github.com/beorn7/perks:1.0.1	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
7	Go::github.com/cespare/xxhash/v2:2.1.2	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
8	Go::github.com/containerd/containerd:1.6.6	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 2198 locations) BSD-2-Clause (exemplary link to the first of 69 locations) BSD-3-Clause (exemplary link to the first of 654 locations) CC-BY-SA-4.0 (exemplary link to the first of 5 locations) GPL-1.0-or-later (link to the location) GPL-2.0-only (link to the location) ISC (exemplary link to the first of 10 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 12 locations) LicenseRef-scancode-google-patent-license-golang (exemplary link to the first of 10 locations) LicenseRef-scancode-oasis-ipr-policy-2014 (exemplary link to the first of 3 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 3 locations) MIT (exemplary link to the first of 70 locations) MPL-2.0 (exemplary link to the first of 2 locations) NOASSERTION (exemplary link to the first of 49 locations) Effective License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC-BY-SA-4.0 AND GPL-1.0-or-later AND GPL-2.0-only AND ISC AND LicenseRef-scancode-dco-1.1 AND LicenseRef-scancode-google-patent-license-golang AND LicenseRef-scancode-oasis-ipr-policy-2014 AND LicenseRef-scancode-public-domain AND MIT AND MPL-2.0 AND NOASSERTION
9	Go::github.com/davecgh/go-spew:1.1.1	main vendor	Detected Licenses (from VCS): ISC (exemplary link to the first of 23 locations) Effective License: ISC
10	Go::github.com/docker/cli:20.10.17	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 1401 locations) BSD-2-Clause (exemplary link to the first of 35 locations) BSD-3-Clause (exemplary link to the first of 523 locations) CC-BY-4.0 (exemplary link to the first of 2 locations) CC-BY-SA-4.0 (exemplary link to the first of 5 locations) GPL-2.0-only (link to the location) ISC (exemplary link to the first of 13 locations) JSON (link to the location) LGPL-2.1-or-later (exemplary link to the first of 2 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 4 locations) LicenseRef-scancode-google-patent-license-golang (exemplary link to the first of 8 locations) LicenseRef-scancode-oasis-ipr-policy-2014 (exemplary link to the first of 3 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 5 locations) MIT (exemplary link to the first of 44 locations) MPL-2.0 (link to the location) NOASSERTION (exemplary link to the first of 10 locations) OpenSSL (link to the location) Effective License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC-BY-4.0 AND CC-BY-SA-4.0 AND GPL-2.0-only AND ISC AND JSON AND LGPL-2.1-or-later AND LicenseRef-scancode-dco-1.1 AND LicenseRef-scancode-google-patent-license-golang AND LicenseRef-scancode-oasis-ipr-policy-2014 AND LicenseRef-scancode-public-domain AND MIT AND MPL-2.0 AND NOASSERTION AND OpenSSL
11	Go::github.com/docker/distribution:2.8.1	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 227 locations) BSD-2-Clause (exemplary link to the first of 4 locations) BSD-2-Clause-Views (link to the location) BSD-3-Clause (exemplary link to the first of 140 locations) CC-BY-SA-4.0 (exemplary link to the first of 4 locations) CDDL-1.1 (link to the location) GPL-2.0-only (link to the location) GPL-2.0-only WITH Classpath-exception-2.0 (link to the location) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 2 locations) LicenseRef-scancode-google-patent-license-golang (exemplary link to the first of 4 locations) LicenseRef-scancode-proprietary-license (link to the location) MIT (exemplary link to the first of 32 locations) NOASSERTION (exemplary link to the first of 5 locations) Zlib (link to the location) Effective License: Apache-2.0 AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND CC-BY-SA-4.0 AND CDDL-1.1 AND GPL-2.0-only AND GPL-2.0-only WITH Classpath-exception-2.0 AND LicenseRef-scancode-dco-1.1 AND LicenseRef-scancode-google-patent-license-golang AND LicenseRef-scancode-proprietary-license AND MIT AND NOASSERTION AND Zlib OR Apache-2.0 AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND CC-BY-SA-4.0 AND CDDL-1.1 AND GPL-2.0-only WITH Classpath-exception-2.0 AND LicenseRef-scancode-dco-1.1 AND LicenseRef-scancode-google-patent-license-golang AND LicenseRef-scancode-proprietary-license AND MIT AND NOASSERTION AND Zlib
12	Go::github.com/docker/docker:20.10.17	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 920 locations) BSD-2-Clause (exemplary link to the first of 36 locations) BSD-3-Clause (exemplary link to the first of 787 locations) CC-BY-4.0 (exemplary link to the first of 2 locations) CC-BY-SA-4.0 (exemplary link to the first of 7 locations) GPL-1.0-or-later (exemplary link to the first of 139 locations) GPL-2.0-only (exemplary link to the first of 4 locations) LGPL-2.1-only (link to the location) LGPL-2.1-or-later (exemplary link to the first of 2 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 7 locations) LicenseRef-scancode-google-patent-license-golang (exemplary link to the first of 7 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 6 locations) MIT (exemplary link to the first of 81 locations) MPL-2.0 (exemplary link to the first of 9 locations) NOASSERTION (exemplary link to the first of 24 locations) OpenSSL (link to the location) Effective License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC-BY-4.0 AND CC-BY-SA-4.0 AND GPL-1.0-or-later AND GPL-2.0-only AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-scancode-dco-1.1 AND LicenseRef-scancode-google-patent-license-golang AND LicenseRef-scancode-public-domain AND MIT AND MPL-2.0 AND NOASSERTION AND OpenSSL
13	Go::github.com/docker/docker-credential-helpers:0.6.4	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 2 locations) LicenseRef-scancode-google-patent-license-golang (link to the location) MIT (exemplary link to the first of 4 locations) Effective License: BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang AND MIT
14	Go::github.com/docker/go-connections:0.4.0	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 3 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 3 locations) Effective License: Apache-2.0 AND LicenseRef-scancode-dco-1.1
15	Go::github.com/docker/go-metrics:0.0.1	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 3 locations) CC-BY-SA-4.0 (exemplary link to the first of 2 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 3 locations) Effective License: Apache-2.0 AND CC-BY-SA-4.0 AND LicenseRef-scancode-dco-1.1
16	Go::github.com/docker/go-units:0.4.0	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 3 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 3 locations) Effective License: Apache-2.0 AND LicenseRef-scancode-dco-1.1
17	Go::github.com/emicklei/go-restful/v3:3.8.0	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 4 locations) NOASSERTION (exemplary link to the first of 27 locations) Effective License: MIT AND NOASSERTION
18	Go::github.com/evanphx/json-patch:5.6.0	main vendor	Detected Licenses (from VCS): BSD-3-Clause (link to the location) Effective License: BSD-3-Clause
19	Go::github.com/go-errors/errors:1.0.1	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
20	Go::github.com/go-logr/logr:1.2.3	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 21 locations) Effective License: Apache-2.0
21	Go::github.com/go-openapi/jsonpointer:0.19.5	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 4 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 3 locations) Effective License: Apache-2.0 AND LicenseRef-scancode-dco-1.1
22	Go::github.com/go-openapi/jsonreference:0.19.5	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 4 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 3 locations) Effective License: Apache-2.0 AND LicenseRef-scancode-dco-1.1
23	Go::github.com/go-openapi/swag:0.19.14	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 24 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 3 locations) MIT (link to the location) Effective License: Apache-2.0 AND LicenseRef-scancode-dco-1.1 AND MIT
24	Go::github.com/gogo/protobuf:1.3.2	main vendor	Detected Licenses (from VCS): BSD-2-Clause (exemplary link to the first of 305 locations) BSD-3-Clause (exemplary link to the first of 121 locations) NOASSERTION (link to the location) Effective License: BSD-2-Clause AND BSD-3-Clause AND NOASSERTION
25	Go::github.com/golang/protobuf:1.5.2	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 47 locations) NOASSERTION (link to the location) Effective License: BSD-3-Clause AND NOASSERTION
26	Go::github.com/google/btree:1.0.1	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 5 locations) Effective License: Apache-2.0
27	Go::github.com/google/gnostic:0.5.7-v3refs	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 154 locations) BSD-3-Clause (exemplary link to the first of 12 locations) JSON (exemplary link to the first of 2 locations) LicenseRef-scancode-cc-pdm-1.0 (exemplary link to the first of 4 locations) MIT (exemplary link to the first of 30 locations) NOASSERTION (exemplary link to the first of 7 locations) Effective License: Apache-2.0 AND BSD-3-Clause AND JSON AND LicenseRef-scancode-cc-pdm-1.0 AND MIT AND NOASSERTION
28	Go::github.com/google/go-github/v48:48.0.0	main vendor		2023-04-27T19:51:43.051904603Z [ERROR]: scanner - Could not resolve provenance for package 'Go::github.com/google/go-github/v48:48.0.0': IOException: Could not resolve provenance for 'Go::github.com/google/go-github/v48:48.0.0' for source code origins [VCS, ARTIFACT]. Resolution of VCS failed with: IOException: Could not resolve revision for package 'Go::github.com/google/go-github/v48:48.0.0' with VcsInfo(type=Git, url=https://github.com/google/go-github.git, revision=v48.0.0, path=v48): Discarding revision 'v48.0.0' because the requested VCS path 'v48' does not exist.
29	Go::github.com/google/go-querystring:1.1.0	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 3 locations) NOASSERTION (link to the location) Effective License: BSD-3-Clause AND NOASSERTION
30	Go::github.com/google/gofuzz:1.2.0	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 7 locations) NOASSERTION (link to the location) Effective License: Apache-2.0 AND NOASSERTION
31	Go::github.com/google/shlex:0.0.0-20191202100458-e7afc7fbc510	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 3 locations) Effective License: Apache-2.0
32	Go::github.com/google/uuid:1.2.0	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 18 locations) NOASSERTION (link to the location) Effective License: BSD-3-Clause AND NOASSERTION
33	Go::github.com/gorilla/mux:1.8.0	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 11 locations) Effective License: BSD-3-Clause
34	Go::github.com/gregjones/httpcache:0.0.0-20180305231024-9cad4c3443a7	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
35	Go::github.com/imdario/mergo:0.3.12	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 8 locations) Effective License: BSD-3-Clause
36	Go::github.com/inconshreveable/mousetrap:1.0.0	vendor	Detected Licenses (from VCS): Apache-2.0 (link to the location) Effective License: Apache-2.0
37	Go::github.com/josharian/intern:1.0.0	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
38	Go::github.com/json-iterator/go:1.1.12	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
39	Go::github.com/klauspost/compress:1.13.6	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 5 locations) BSD-3-Clause (exemplary link to the first of 109 locations) MIT (exemplary link to the first of 10 locations) NOASSERTION (exemplary link to the first of 7 locations) Effective License: Apache-2.0 AND BSD-3-Clause AND MIT AND NOASSERTION
40	Go::github.com/liggitt/tabwriter:0.0.0-20181228230101-89fcab3d43de	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 4 locations) Effective License: BSD-3-Clause
41	Go::github.com/mailru/easyjson:0.7.6	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 2 locations) MIT (link to the location) Effective License: BSD-3-Clause AND MIT
42	Go::github.com/matttproud/golang_protobuf_extensions:1.0.2-0.20181231171920-c182affec369	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 7 locations) BSD-3-Clause (link to the location) Effective License: Apache-2.0 AND BSD-3-Clause
43	Go::github.com/moby/locker:1.0.1	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 2 locations) Effective License: Apache-2.0
44	Go::github.com/moby/term:0.0.0-20210619224110-3f7ff695adc6	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 3 locations) NOASSERTION (link to the location) Effective License: Apache-2.0 AND NOASSERTION
45	Go::github.com/modern-go/concurrent:0.0.0-20180306012644-bacd9c7ef1dd	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 2 locations) Effective License: Apache-2.0
46	Go::github.com/modern-go/reflect2:1.0.2	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 2 locations) Effective License: Apache-2.0
47	Go::github.com/monochromegane/go-gitignore:0.0.0-20200626010858-205db1a8cc00	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
48	Go::github.com/morikuni/aec:1.0.0	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
49	Go::github.com/munnerz/goautoneg:0.0.0-20191010083416-a7dc8b61c822	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 3 locations) Effective License: BSD-3-Clause
50	Go::github.com/opencontainers/go-digest:1.0.0	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 13 locations) CC-BY-SA-4.0 (exemplary link to the first of 2 locations) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 2 locations) Effective License: Apache-2.0 AND CC-BY-SA-4.0 AND LicenseRef-scancode-dco-1.1
51	Go::github.com/opencontainers/image-spec:1.0.3-0.20211202183452-c5a74bcca799	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 30 locations) GPL-2.0-only (link to the location) LicenseRef-scancode-dco-1.1 (exemplary link to the first of 2 locations) NOASSERTION (link to the location) Effective License: Apache-2.0 AND GPL-2.0-only AND LicenseRef-scancode-dco-1.1 AND NOASSERTION OR Apache-2.0 AND LicenseRef-scancode-dco-1.1 AND NOASSERTION
52	Go::github.com/peterbourgon/diskv:2.0.1	main vendor	Detected Licenses (from VCS): MIT (link to the location) Effective License: MIT
53	Go::github.com/pkg/errors:0.9.1	main vendor	Detected Licenses (from VCS): BSD-2-Clause (exemplary link to the first of 2 locations) Effective License: BSD-2-Clause
54	Go::github.com/prometheus/client_golang:1.12.1	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 97 locations) BSD-3-Clause (link to the location) Effective License: Apache-2.0 AND BSD-3-Clause
55	Go::github.com/prometheus/client_model:0.2.0	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 3 locations) Effective License: Apache-2.0
56	Go::github.com/prometheus/common:0.32.1	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 54 locations) BSD-3-Clause (exemplary link to the first of 3 locations) Effective License: Apache-2.0 AND BSD-3-Clause
57	Go::github.com/prometheus/procfs:0.7.3	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 160 locations) Effective License: Apache-2.0
58	Go::github.com/sirupsen/logrus:1.8.1	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
59	Go::github.com/spf13/cobra:1.5.0	main vendor	Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 12 locations) Effective License: Apache-2.0
60	Go::github.com/spf13/pflag:1.0.5	main vendor	Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 20 locations) Effective License: BSD-3-Clause
61	Go::github.com/xlab/treeprint:1.1.0	main vendor	Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
62	Go::go.starlark.net:0.0.0-20200306205701-8dd3e2ee1dd5	main vendor	Detected Licenses (from artifact): Apache-2.0 BSD-3-Clause NOASSERTION Effective License: Apache-2.0 AND BSD-3-Clause AND NOASSERTION
63	Go::golang.org/x/crypto:0.0.0-20220525230936-793ad666bf5e	main vendor	Detected Licenses (from artifact): BSD-3-Clause CC0-1.0 LicenseRef-scancode-google-patent-license-golang LicenseRef-scancode-public-domain MIT OpenSSL Effective License: BSD-3-Clause AND CC0-1.0 AND LicenseRef-scancode-google-patent-license-golang AND LicenseRef-scancode-public-domain AND MIT OR BSD-3-Clause AND CC0-1.0 AND LicenseRef-scancode-google-patent-license-golang AND LicenseRef-scancode-public-domain AND MIT AND OpenSSL
64	Go::golang.org/x/net:0.2.0	main vendor	Detected Licenses (from artifact): BSD-2-Clause BSD-3-Clause LicenseRef-scancode-google-patent-license-golang NOASSERTION W3C-19980720 Effective License: BSD-2-Clause AND BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang AND NOASSERTION AND W3C-19980720
65	Go::golang.org/x/oauth2:0.2.0	main vendor	Detected Licenses (from artifact): BSD-3-Clause Effective License: BSD-3-Clause
66	Go::golang.org/x/sync:0.1.0	main vendor	Detected Licenses (from artifact): BSD-3-Clause LicenseRef-scancode-google-patent-license-golang Effective License: BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
67	Go::golang.org/x/sys:0.2.0	main vendor	Detected Licenses (from artifact): BSD-3-Clause IPA LicenseRef-scancode-google-patent-license-golang Effective License: BSD-3-Clause AND IPA AND LicenseRef-scancode-google-patent-license-golang
68	Go::golang.org/x/term:0.2.0	main vendor	Detected Licenses (from artifact): BSD-3-Clause LicenseRef-scancode-google-patent-license-golang Effective License: BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
69	Go::golang.org/x/text:0.4.0	main vendor	Detected Licenses (from artifact): BSD-3-Clause CC-BY-SA-1.0 CC-BY-SA-2.0 CC-BY-SA-2.5 CC-BY-SA-3.0 LicenseRef-scancode-google-patent-license-golang Effective License: BSD-3-Clause AND CC-BY-SA-1.0 AND CC-BY-SA-2.0 AND CC-BY-SA-2.5 AND CC-BY-SA-3.0 AND LicenseRef-scancode-google-patent-license-golang
70	Go::golang.org/x/time:0.0.0-20220609170525-579cf78fd858	main vendor	Detected Licenses (from artifact): BSD-3-Clause LicenseRef-scancode-google-patent-license-golang Effective License: BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
71	Go::google.golang.org/appengine:1.6.7	vendor	Detected Licenses (from artifact): Apache-2.0 BSD-3-Clause NOASSERTION Effective License: Apache-2.0 AND BSD-3-Clause AND NOASSERTION
72	Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e	main vendor	Detected Licenses (from artifact): Apache-2.0 GPL-1.0-or-later GPL-2.0-or-later WITH Bison-exception-2.2 JSON LGPL-2.1-only MIT NOASSERTION Effective License: Apache-2.0 AND GPL-1.0-or-later AND GPL-2.0-or-later WITH Bison-exception-2.2 AND JSON AND LGPL-2.1-only AND NOASSERTION OR Apache-2.0 AND GPL-2.0-or-later WITH Bison-exception-2.2 AND JSON AND LGPL-2.1-only AND MIT AND NOASSERTION
73	Go::google.golang.org/grpc:1.50.1	main vendor	Detected Licenses (from artifact): Apache-2.0 NOASSERTION Effective License: Apache-2.0 AND NOASSERTION
74	Go::google.golang.org/protobuf:1.28.1	main vendor	Detected Licenses (from artifact): BSD-3-Clause LicenseRef-scancode-google-patent-license-golang Effective License: BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
75	Go::gopkg.in/inf.v0:0.9.1	main vendor	Detected Licenses (from artifact): BSD-3-Clause Effective License: BSD-3-Clause
76	Go::gopkg.in/yaml.v2:2.4.0	main vendor	Detected Licenses (from artifact): Apache-2.0 MIT Effective License: Apache-2.0 AND MIT
77	Go::gopkg.in/yaml.v3:3.0.1	main vendor	Detected Licenses (from artifact): Apache-2.0 MIT Effective License: Apache-2.0 AND MIT
78	Go::helm.sh/helm/v3:3.10.2	main vendor	Detected Licenses (from artifact): Apache-2.0 BSD-3-Clause LicenseRef-scancode-dco-1.1 MIT Effective License: Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-dco-1.1 AND MIT
79	Go::k8s.io/api:0.25.2	main vendor	Detected Licenses (from artifact): Apache-2.0 Effective License: Apache-2.0
80	Go::k8s.io/apimachinery:0.25.2	main vendor	Detected Licenses (from artifact): Apache-2.0 BSD-3-Clause LicenseRef-scancode-google-patent-license-golang Effective License: Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
81	Go::k8s.io/cli-runtime:0.25.2	main vendor	Detected Licenses (from artifact): Apache-2.0 Effective License: Apache-2.0
82	Go::k8s.io/client-go:0.25.2	main vendor	Detected Licenses (from artifact): Apache-2.0 BSD-3-Clause LicenseRef-scancode-google-patent-license-golang Effective License: Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
83	Go::k8s.io/klog/v2:2.70.1	main vendor	Detected Licenses (from artifact): Apache-2.0 NOASSERTION Effective License: Apache-2.0 AND NOASSERTION
84	Go::k8s.io/kube-openapi:0.0.0-20220803162953-67bda5d908f1	main vendor	Detected Licenses (from artifact): Apache-2.0 CC-BY-4.0 LicenseRef-scancode-dco-1.1 LicenseRef-scancode-proprietary-license MIT Effective License: Apache-2.0 AND CC-BY-4.0 AND LicenseRef-scancode-dco-1.1 AND LicenseRef-scancode-proprietary-license AND MIT
85	Go::k8s.io/utils:0.0.0-20220728103510-ee6ede2d64ed	main vendor	Detected Licenses (from artifact): Apache-2.0 BSD-3-Clause LicenseRef-scancode-google-patent-license-golang Effective License: Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
86	Go::oras.land/oras-go:1.2.0	main vendor	Detected Licenses (from artifact): Apache-2.0 Effective License: Apache-2.0
87	Go::sigs.k8s.io/json:0.0.0-20220713155537-f223a00ba0e2	main vendor	Detected Licenses (from artifact): Apache-2.0 BSD-3-Clause NOASSERTION Effective License: Apache-2.0 AND BSD-3-Clause AND NOASSERTION
88	Go::sigs.k8s.io/kustomize/api:0.12.1	main vendor	Detected Licenses (from artifact): Apache-2.0 NOASSERTION Effective License: Apache-2.0 AND NOASSERTION
89	Go::sigs.k8s.io/kustomize/kyaml:0.13.9	main vendor	Detected Licenses (from artifact): Apache-2.0 JSON MIT Effective License: Apache-2.0 AND JSON AND MIT
90	Go::sigs.k8s.io/structured-merge-diff/v4:4.2.3	main vendor	Detected Licenses (from artifact): Apache-2.0 NOASSERTION Effective License: Apache-2.0 AND NOASSERTION
91	Go::sigs.k8s.io/yaml:1.3.0	main vendor	Detected Licenses (from artifact): BSD-3-Clause MIT NOASSERTION Effective License: BSD-3-Clause AND MIT AND NOASSERTION

Unmanaged::charts:18483f2aadaabc6fdb00ea47d32815457341e7f1 ()

VCS Information

Type	Git
URL	https://github.com/eclipse-tractusx/charts
Path
Revision	18483f2aadaabc6fdb00ea47d32815457341e7f1

Packages

#	Package	Scopes	Licenses	Analyzer Issues	Scanner Issues
1	Unmanaged::charts:18483f2aadaabc6fdb00ea47d32815457341e7f1		Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 241 locations) BSD-2-Clause (exemplary link to the first of 32 locations) BSD-2-Clause-Views (link to the location) BSD-3-Clause (exemplary link to the first of 241 locations) CC-BY-3.0 (exemplary link to the first of 16 locations) CC-BY-4.0 (exemplary link to the first of 15 locations) CC-BY-SA-4.0 (exemplary link to the first of 5 locations) EPL-2.0 (link to the location) GPL-1.0-or-later (exemplary link to the first of 42 locations) JSON (exemplary link to the first of 5 locations) LGPL-2.0-or-later (link to the location) LGPL-2.1-or-later (exemplary link to the first of 2 locations) MPL-2.0 (exemplary link to the first of 3 locations) NOASSERTION (exemplary link to the first of 2 locations) Unlicense (link to the location) W3C-19980720 (link to the location) WTFPL (exemplary link to the first of 2 locations) Effective License: Apache-2.0 AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND CC-BY-3.0 AND CC-BY-4.0 AND CC-BY-SA-4.0 AND EPL-2.0 AND GPL-1.0-or-later AND JSON AND LGPL-2.0-or-later AND LGPL-2.1-or-later AND MPL-2.0 AND NOASSERTION AND Unlicense AND W3C-19980720 AND WTFPL OR Apache-2.0 AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND CC-BY-3.0 AND CC-BY-4.0 AND CC-BY-SA-4.0 AND GPL-1.0-or-later AND JSON AND LGPL-2.0-or-later AND LGPL-2.1-or-later AND MPL-2.0 AND NOASSERTION AND Unlicense AND W3C-19980720 AND WTFPL

Package

Scopes

Licenses

Analyzer Issues

Scanner Issues

Unmanaged::charts:18483f2aadaabc6fdb00ea47d32815457341e7f1

Detected Licenses (from VCS):

Apache-2.0 (exemplary link to the first of 241 locations)

BSD-2-Clause (exemplary link to the first of 32 locations)

BSD-2-Clause-Views (link to the location)

BSD-3-Clause (exemplary link to the first of 241 locations)

CC-BY-3.0 (exemplary link to the first of 16 locations)

CC-BY-4.0 (exemplary link to the first of 15 locations)

CC-BY-SA-4.0 (exemplary link to the first of 5 locations)

EPL-2.0 (link to the location)

GPL-1.0-or-later (exemplary link to the first of 42 locations)

JSON (exemplary link to the first of 5 locations)

LGPL-2.0-or-later (link to the location)

LGPL-2.1-or-later (exemplary link to the first of 2 locations)

MPL-2.0 (exemplary link to the first of 3 locations)

NOASSERTION (exemplary link to the first of 2 locations)

Unlicense (link to the location)

W3C-19980720 (link to the location)

WTFPL (exemplary link to the first of 2 locations)

Effective License:

Apache-2.0 AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND CC-BY-3.0 AND CC-BY-4.0 AND CC-BY-SA-4.0 AND EPL-2.0 AND GPL-1.0-or-later AND JSON AND LGPL-2.0-or-later AND LGPL-2.1-or-later AND MPL-2.0 AND NOASSERTION AND Unlicense AND W3C-19980720 AND WTFPL OR Apache-2.0 AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND CC-BY-3.0 AND CC-BY-4.0 AND CC-BY-SA-4.0 AND GPL-1.0-or-later AND JSON AND LGPL-2.0-or-later AND LGPL-2.1-or-later AND MPL-2.0 AND NOASSERTION AND Unlicense AND W3C-19980720 AND WTFPL

Repository Configuration


---
excludes:
  paths:
  - pattern: "**/META-INF/DEPENDENCIES"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/META-INF/NOTICE*"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/*.svg"
    reason: "BUILD_TOOL_OF"
    comment: "SVG files do not contain any license information."
  - pattern: "package-lock.json"
    reason: "BUILD_TOOL_OF"
    comment: "Does not contain any license information."

#	Rule	Package	License	Message
1	DEPENDENCY_LICENSE_CHECK	Go::github.com/docker/cli:20.10.17	DETECTED: JSON	License JSON of dependency 'Go::github.com/docker/cli:20.10.17' is classified as restricted. How to fix Remove dependency 'Go::github.com/docker/cli:20.10.17' from project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1'.
2	DEPENDENCY_LICENSE_CHECK	Go::github.com/google/gnostic:0.5.7-v3refs	DETECTED: JSON	License JSON of dependency 'Go::github.com/google/gnostic:0.5.7-v3refs' is classified as restricted. How to fix Remove dependency 'Go::github.com/google/gnostic:0.5.7-v3refs' from project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1'.
3	DEPENDENCY_LICENSE_CHECK	Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e	DETECTED: JSON	License JSON of dependency 'Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e' is classified as restricted. How to fix Remove dependency 'Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e' from project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1'.
4	DEPENDENCY_LICENSE_CHECK	Go::sigs.k8s.io/kustomize/kyaml:0.13.9	DETECTED: JSON	License JSON of dependency 'Go::sigs.k8s.io/kustomize/kyaml:0.13.9' is classified as restricted. How to fix Remove dependency 'Go::sigs.k8s.io/kustomize/kyaml:0.13.9' from project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1'.
5	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/containerd/containerd:1.6.6	DETECTED: GPL-1.0-or-later	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-1.0-or-later of its dependency 'Go::github.com/containerd/containerd:1.6.6'. Software under a copyleft license such as the GPL-1.0-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/containerd/containerd:1.6.6' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
6	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/containerd/containerd:1.6.6	DETECTED: GPL-2.0-only	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-2.0-only of its dependency 'Go::github.com/containerd/containerd:1.6.6'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/containerd/containerd:1.6.6' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
7	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/containerd/containerd:1.6.6	DETECTED: MPL-2.0	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license MPL-2.0 of its dependency 'Go::github.com/containerd/containerd:1.6.6'. Software under a copyleft license such as the MPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/containerd/containerd:1.6.6' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
8	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: GPL-2.0-only	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-2.0-only of its dependency 'Go::github.com/docker/cli:20.10.17'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/cli:20.10.17' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
9	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: LGPL-2.1-or-later	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license LGPL-2.1-or-later of its dependency 'Go::github.com/docker/cli:20.10.17'. Software under a copyleft license such as the LGPL-2.1-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/cli:20.10.17' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
10	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: MPL-2.0	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license MPL-2.0 of its dependency 'Go::github.com/docker/cli:20.10.17'. Software under a copyleft license such as the MPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/cli:20.10.17' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
11	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/distribution:2.8.1	DETECTED: CDDL-1.1	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license CDDL-1.1 of its dependency 'Go::github.com/docker/distribution:2.8.1'. Software under a copyleft license such as the CDDL-1.1 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/distribution:2.8.1' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
12	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/distribution:2.8.1	DETECTED: GPL-2.0-only	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-2.0-only of its dependency 'Go::github.com/docker/distribution:2.8.1'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/distribution:2.8.1' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
13	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/distribution:2.8.1	DETECTED: GPL-2.0-only WITH Classpath-exception-2.0	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-2.0-only (simplified from 'GPL-2.0-only WITH Classpath-exception-2.0') of its dependency 'Go::github.com/docker/distribution:2.8.1'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/distribution:2.8.1' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
14	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/docker:20.10.17	DETECTED: GPL-1.0-or-later	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-1.0-or-later of its dependency 'Go::github.com/docker/docker:20.10.17'. Software under a copyleft license such as the GPL-1.0-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/docker:20.10.17' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
15	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/docker:20.10.17	DETECTED: GPL-2.0-only	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-2.0-only of its dependency 'Go::github.com/docker/docker:20.10.17'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/docker:20.10.17' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
16	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/docker:20.10.17	DETECTED: LGPL-2.1-only	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license LGPL-2.1-only of its dependency 'Go::github.com/docker/docker:20.10.17'. Software under a copyleft license such as the LGPL-2.1-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/docker:20.10.17' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
17	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/docker:20.10.17	DETECTED: LGPL-2.1-or-later	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license LGPL-2.1-or-later of its dependency 'Go::github.com/docker/docker:20.10.17'. Software under a copyleft license such as the LGPL-2.1-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/docker:20.10.17' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
18	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/docker:20.10.17	DETECTED: MPL-2.0	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license MPL-2.0 of its dependency 'Go::github.com/docker/docker:20.10.17'. Software under a copyleft license such as the MPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/docker/docker:20.10.17' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
19	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/opencontainers/image-spec:1.0.3-0.20211202183452-c5a74bcca799	DETECTED: GPL-2.0-only	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-2.0-only of its dependency 'Go::github.com/opencontainers/image-spec:1.0.3-0.20211202183452-c5a74bcca799'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::github.com/opencontainers/image-spec:1.0.3-0.20211202183452-c5a74bcca799' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
20	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e	DETECTED: GPL-1.0-or-later	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-1.0-or-later of its dependency 'Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e'. Software under a copyleft license such as the GPL-1.0-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
21	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e	DETECTED: GPL-2.0-or-later WITH Bison-exception-2.2	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license GPL-2.0-or-later (simplified from 'GPL-2.0-or-later WITH Bison-exception-2.2') of its dependency 'Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e'. Software under a copyleft license such as the GPL-2.0-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
22	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e	DETECTED: LGPL-2.1-only	The outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is incompatible with the inbound license LGPL-2.1-only of its dependency 'Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e'. Software under a copyleft license such as the LGPL-2.1-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Go::google.golang.org/genproto:0.0.0-20221024183307-1bc688fe9f3e' or put 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' under a different license.
23	PROJECT_LICENSE_CHECK	Unmanaged::charts:18483f2aadaabc6fdb00ea47d32815457341e7f1	DETECTED: JSON	License JSON of project 'Unmanaged::charts:18483f2aadaabc6fdb00ea47d32815457341e7f1' is classified as restricted. How to fix Do not use JSON as a license for project 'Unmanaged::charts:18483f2aadaabc6fdb00ea47d32815457341e7f1'.
24	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/containerd/containerd:1.6.6	DETECTED: CC-BY-SA-4.0	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license CC-BY-SA-4.0 of its dependency 'Go::github.com/containerd/containerd:1.6.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
25	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/containerd/containerd:1.6.6	DETECTED: LicenseRef-scancode-dco-1.1	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license LicenseRef-scancode-dco-1.1 of its dependency 'Go::github.com/containerd/containerd:1.6.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
26	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/containerd/containerd:1.6.6	DETECTED: LicenseRef-scancode-google-patent-license-golang	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license LicenseRef-scancode-google-patent-license-golang of its dependency 'Go::github.com/containerd/containerd:1.6.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
27	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/containerd/containerd:1.6.6	DETECTED: LicenseRef-scancode-oasis-ipr-policy-2014	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license LicenseRef-scancode-oasis-ipr-policy-2014 of its dependency 'Go::github.com/containerd/containerd:1.6.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
28	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/containerd/containerd:1.6.6	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'Go::github.com/containerd/containerd:1.6.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
29	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/containerd/containerd:1.6.6	DETECTED: NOASSERTION	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license NOASSERTION of its dependency 'Go::github.com/containerd/containerd:1.6.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
30	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: CC-BY-4.0	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license CC-BY-4.0 of its dependency 'Go::github.com/docker/cli:20.10.17'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
31	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: CC-BY-SA-4.0	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license CC-BY-SA-4.0 of its dependency 'Go::github.com/docker/cli:20.10.17'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
32	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: JSON	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license JSON of its dependency 'Go::github.com/docker/cli:20.10.17'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
33	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: LicenseRef-scancode-dco-1.1	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license LicenseRef-scancode-dco-1.1 of its dependency 'Go::github.com/docker/cli:20.10.17'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
34	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: LicenseRef-scancode-google-patent-license-golang	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license LicenseRef-scancode-google-patent-license-golang of its dependency 'Go::github.com/docker/cli:20.10.17'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
35	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: LicenseRef-scancode-oasis-ipr-policy-2014	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license LicenseRef-scancode-oasis-ipr-policy-2014 of its dependency 'Go::github.com/docker/cli:20.10.17'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
36	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'Go::github.com/docker/cli:20.10.17'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
37	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: NOASSERTION	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license NOASSERTION of its dependency 'Go::github.com/docker/cli:20.10.17'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
38	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/cli:20.10.17	DETECTED: OpenSSL	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license OpenSSL of its dependency 'Go::github.com/docker/cli:20.10.17'. The final statement of the appended SSLeay License "The licence and distribution terms for any publically available version or derivative of this code cannot be changed" normally must be interpreted as a copyleft clause, but there is no general consensus on this interpretation. Therefore, a recommendation on the compatibility of the OpenSSL license can only be given for selected cases. Interpretation: The final statement of the appended SSLeay License "The licence and distribution terms for any publically available version or derivative of this code cannot be changed" normally must be interpreted as a copyleft clause, but there is no general consensus on this interpretation. Therefore, a recommendation on the compatibility of the OpenSSL license can only be given for selected cases. How to fix Get legal advice and eventually create a (global) rule violation resolution.
39	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/distribution:2.8.1	DETECTED: BSD-2-Clause-Views	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license BSD-2-Clause-Views of its dependency 'Go::github.com/docker/distribution:2.8.1'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
40	OSADL_PROJECT_LICENSE_COMPATIBILITY	Go::github.com/docker/distribution:2.8.1	DETECTED: CC-BY-SA-4.0	It is unknown whether the outbound license Apache-2.0 of project 'GoMod::helmRepoIndex:18483f2aadaabc6fdb00ea47d32815457341e7f1' is compatible with the inbound license CC-BY-SA-4.0 of its dependency 'Go::github.com/docker/distribution:2.8.1'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.