Scan Report
Created by ORT, the OSS Review Toolkit, version cc543c9380-dirty on 2023-04-05T22:59:54.175044401Z.

Project

Scanned revision 38bf5c1be5c3d513cab332af91787a00ffc7119c of Git repository https://github.com/eclipse-vertx/vertx-codegen.git

Index

Rule Violation Summary (9 errors, 20 warnings, 3 hints to resolve)

# Rule Package License Message
1 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:io.vertx:vertx-docgen:0.9.4 DECLARED: EPL-1.0

The outbound license Apache-2.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:io.vertx:vertx-docgen:0.9.4'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:io.vertx:vertx-docgen:0.9.4' or put 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' under a different license.
2 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:io.vertx:vertx-docgen:0.9.4 DECLARED: EPL-1.0

The outbound license WTFPL of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:io.vertx:vertx-docgen:0.9.4'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the WTFPL license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:io.vertx:vertx-docgen:0.9.4' or put 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' under a different license.
3 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DECLARED: EPL-1.0

The outbound license Apache-2.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:junit:junit:4.13.1'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13.1' or put 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' under a different license.
4 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: EPL-1.0

The outbound license Apache-2.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:junit:junit:4.13.1'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13.1' or put 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' under a different license.
5 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DECLARED: EPL-1.0

The outbound license WTFPL of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:junit:junit:4.13.1'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the WTFPL license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13.1' or put 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' under a different license.
6 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: EPL-1.0

The outbound license WTFPL of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:junit:junit:4.13.1'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the WTFPL license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13.1' or put 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' under a different license.
7 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:junit:junit:4.13.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13.1' or put 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' under a different license.
8 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: EPL-2.0

The outbound license EPL-1.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:junit:junit:4.13.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under another copyleft license such as the EPL-1.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13.1' or put 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' under a different license.
9 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: EPL-2.0

The outbound license WTFPL of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:junit:junit:4.13.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the WTFPL license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13.1' or put 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' under a different license.
10 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:com.fasterxml.jackson.core:jackson-core:2.14.0 DECLARED: Apache-2.0

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license Apache-2.0 of its dependency 'Maven:com.fasterxml.jackson.core:jackson-core:2.14.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
11 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:com.fasterxml.jackson.core:jackson-core:2.14.0 DETECTED: Apache-2.0

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license Apache-2.0 of its dependency 'Maven:com.fasterxml.jackson.core:jackson-core:2.14.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
12 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:com.fasterxml.jackson.core:jackson-core:2.14.0 DETECTED: MIT

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license MIT of its dependency 'Maven:com.fasterxml.jackson.core:jackson-core:2.14.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
13 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:com.fasterxml.jackson.core:jackson-core:2.14.0 DETECTED: NOASSERTION

It is unknown whether the outbound license Apache-2.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:com.fasterxml.jackson.core:jackson-core:2.14.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
14 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:com.fasterxml.jackson.core:jackson-core:2.14.0 DETECTED: NOASSERTION

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:com.fasterxml.jackson.core:jackson-core:2.14.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
15 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:com.fasterxml.jackson.core:jackson-core:2.14.0 DETECTED: NOASSERTION

It is unknown whether the outbound license EPL-1.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:com.fasterxml.jackson.core:jackson-core:2.14.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
16 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:com.fasterxml.jackson.core:jackson-core:2.14.0 DETECTED: NOASSERTION

It is unknown whether the outbound license EPL-2.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:com.fasterxml.jackson.core:jackson-core:2.14.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
17 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:com.fasterxml.jackson.core:jackson-core:2.14.0 DETECTED: NOASSERTION

It is unknown whether the outbound license WTFPL of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:com.fasterxml.jackson.core:jackson-core:2.14.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
18 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:io.vertx:vertx-docgen:0.9.4 DECLARED: Apache-2.0

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license Apache-2.0 of its dependency 'Maven:io.vertx:vertx-docgen:0.9.4'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
19 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:io.vertx:vertx-docgen:0.9.4 DECLARED: EPL-1.0

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license EPL-1.0 of its dependency 'Maven:io.vertx:vertx-docgen:0.9.4'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
20 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: Apache-2.0

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license Apache-2.0 of its dependency 'Maven:junit:junit:4.13.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
21 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DECLARED: EPL-1.0

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license EPL-1.0 of its dependency 'Maven:junit:junit:4.13.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
22 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: EPL-1.0

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license EPL-1.0 of its dependency 'Maven:junit:junit:4.13.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
23 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: EPL-2.0

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license EPL-2.0 of its dependency 'Maven:junit:junit:4.13.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
24 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: NOASSERTION

It is unknown whether the outbound license Apache-2.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:junit:junit:4.13.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
25 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: NOASSERTION

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:junit:junit:4.13.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
26 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: NOASSERTION

It is unknown whether the outbound license EPL-1.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:junit:junit:4.13.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
27 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: NOASSERTION

It is unknown whether the outbound license EPL-2.0 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:junit:junit:4.13.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
28 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13.1 DETECTED: NOASSERTION

It is unknown whether the outbound license WTFPL of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:junit:junit:4.13.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
29 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.hamcrest:hamcrest-core:1.3 CONCLUDED: BSD-2-Clause

It is unknown whether the outbound license CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is compatible with the inbound license BSD-2-Clause of its dependency 'Maven:org.hamcrest:hamcrest-core:1.3'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
30 DEPENDENCY_LICENSE_CHECK Maven:com.fasterxml.jackson.core:jackson-core:2.14.0 DETECTED: NOASSERTION

License NOASSERTION of dependency 'Maven:com.fasterxml.jackson.core:jackson-core:2.14.0' is unclassified.

How to fix

Classify NOASSERTION as either approved or restricted.
31 DEPENDENCY_LICENSE_CHECK Maven:junit:junit:4.13.1 DETECTED: NOASSERTION

License NOASSERTION of dependency 'Maven:junit:junit:4.13.1' is unclassified.

How to fix

Classify NOASSERTION as either approved or restricted.
32 PROJECT_LICENSE_CHECK Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT DETECTED: CC-BY-SA-2.5

License CC-BY-SA-2.5 of project 'Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT' is unclassified.

How to fix

Classify CC-BY-SA-2.5 as either approved or restricted.

Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT (pom.xml)

VCS Information

Type Git
URL https://github.com/eclipse-vertx/vertx-codegen.git
Path
Revision 38bf5c1be5c3d513cab332af91787a00ffc7119c

Packages

# Package Scopes Licenses Analyzer Issues Scanner Issues
1 Maven:io.vertx:vertx-codegen:5.0.0-SNAPSHOT Declared Licenses:
Detected Licenses (from VCS):
Apache-2.0 (exemplary link to the first of 81 locations)
CC-BY-SA-2.5 (link to the location)
EPL-1.0 (exemplary link to the first of 43 locations)
EPL-2.0 (exemplary link to the first of 30 locations)
WTFPL (link to the location)
Effective License:
      2 Maven:com.fasterxml.jackson.core:jackson-core:2.14.0
      • compile
      		 Declared Licenses:
      Detected Licenses (from artifact):
      Apache-2.0 (exemplary link to the first of 22 locations)
      MIT (exemplary link to the first of 3 locations)
      NOASSERTION (exemplary link to the first of 2 locations)
      Effective License:
      Apache-2.0 AND MIT AND NOASSERTION
          3 Maven:io.vertx:vertx-docgen:0.9.4
          • compile
          		 Declared Licenses:
          Effective License:
              4 Maven:junit:junit:4.13.1
              • test
              		 Declared Licenses:
              Detected Licenses (from VCS):
              Apache-2.0 (exemplary link to the first of 4 locations)
              EPL-1.0 (exemplary link to the first of 5 locations)
              EPL-2.0 (link to the location)
              NOASSERTION (link to the location)
              Effective License:
              Apache-2.0 AND EPL-1.0 AND EPL-2.0 AND NOASSERTION
                  5 Maven:org.hamcrest:hamcrest-core:1.3
                  • test
                  		 Concluded License:
                  Declared Licenses:
                  Effective License:

                      Repository Configuration

                      
---
excludes:
  paths:
  - pattern: "**/META-INF/DEPENDENCIES"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/META-INF/NOTICE*"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/*.svg"
    reason: "BUILD_TOOL_OF"
    comment: "SVG files do not contain any license information."
  - pattern: "package-lock.json"
    reason: "BUILD_TOOL_OF"
    comment: "Does not contain any license information."