# | Rule | Package | License | Message |
---|---|---|---|---|
1 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Go::github.com/inconshreveable/mousetrap:1.0.1 | DETECTED: Apache-2.0 |
It is unknown whether the outbound license NOASSERTION of project 'GoMod::github.com/eclipse-tractusx/tractusx-quality-checks:eb43dc40a125a4dfaae108f48e0f71821fde7528' is compatible with the inbound license Apache-2.0 of its dependency 'Go::github.com/inconshreveable/mousetrap:1.0.1'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
2 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Go::github.com/spf13/cobra:1.6.1 | DETECTED: Apache-2.0 |
It is unknown whether the outbound license NOASSERTION of project 'GoMod::github.com/eclipse-tractusx/tractusx-quality-checks:eb43dc40a125a4dfaae108f48e0f71821fde7528' is compatible with the inbound license Apache-2.0 of its dependency 'Go::github.com/spf13/cobra:1.6.1'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
3 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Go::github.com/spf13/pflag:1.0.5 | DETECTED: BSD-3-Clause |
It is unknown whether the outbound license NOASSERTION of project 'GoMod::github.com/eclipse-tractusx/tractusx-quality-checks:eb43dc40a125a4dfaae108f48e0f71821fde7528' is compatible with the inbound license BSD-3-Clause of its dependency 'Go::github.com/spf13/pflag:1.0.5'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
4 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Go::gopkg.in/yaml.v3:3.0.1 | DETECTED: Apache-2.0 |
It is unknown whether the outbound license NOASSERTION of project 'GoMod::github.com/eclipse-tractusx/tractusx-quality-checks:eb43dc40a125a4dfaae108f48e0f71821fde7528' is compatible with the inbound license Apache-2.0 of its dependency 'Go::gopkg.in/yaml.v3:3.0.1'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
5 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Go::gopkg.in/yaml.v3:3.0.1 | DETECTED: MIT |
It is unknown whether the outbound license NOASSERTION of project 'GoMod::github.com/eclipse-tractusx/tractusx-quality-checks:eb43dc40a125a4dfaae108f48e0f71821fde7528' is compatible with the inbound license MIT of its dependency 'Go::gopkg.in/yaml.v3:3.0.1'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
6 | PROJECT_LICENSE_CHECK | GoMod::github.com/eclipse-tractusx/tractusx-quality-checks:eb43dc40a125a4dfaae108f48e0f71821fde7528 | DETECTED: NOASSERTION |
License NOASSERTION of project 'GoMod::github.com/eclipse-tractusx/tractusx-quality-checks:eb43dc40a125a4dfaae108f48e0f71821fde7528' is unclassified. How to fixClassify NOASSERTION as either approved or restricted. |
Type | Git |
URL | https://github.com/eclipse-tractusx/tractusx-quality-checks.git |
Path | |
Revision | eb43dc40a125a4dfaae108f48e0f71821fde7528 |
# | Package | Scopes | Licenses | Analyzer Issues | Scanner Issues |
---|---|---|---|---|---|
1 | GoMod::github.com/eclipse-tractusx/tractusx-quality-checks:eb43dc40a125a4dfaae108f48e0f71821fde7528 | Detected Licenses (from VCS):
|
|
|
|
2 | Go::github.com/inconshreveable/mousetrap:1.0.1 |
|
Detected Licenses (from VCS):
|
|
|
3 | Go::github.com/spf13/cobra:1.6.1 |
|
Detected Licenses (from VCS):
|
|
|
4 | Go::github.com/spf13/pflag:1.0.5 |
|
Detected Licenses (from VCS):
|
|
|
5 | Go::gopkg.in/yaml.v3:3.0.1 |
|
Detected Licenses (from artifact):
|
|
|
---
excludes:
paths:
- pattern: "**/META-INF/DEPENDENCIES"
reason: "BUILD_TOOL_OF"
comment: "Licenses contained in this directory reflect content analysed elsewhere."
- pattern: "**/META-INF/NOTICE*"
reason: "BUILD_TOOL_OF"
comment: "Licenses contained in this directory reflect content analysed elsewhere."
- pattern: "**/*.svg"
reason: "BUILD_TOOL_OF"
comment: "SVG files do not contain any license information."
- pattern: "package-lock.json"
reason: "BUILD_TOOL_OF"
comment: "Does not contain any license information."