Scan Report

Created by ORT, the OSS Review Toolkit, version cc543c9380-dirty on 2023-03-04T16:56:38.191121125Z.

Project

Scanned revision 554a48d1425058e8b610fad37e4d6a367d657a05 of Git repository https://github.com/eclipse/microprofile-reactive-streams-operators.git

Index

Rule Violation Summary (10 errors, 14 warnings, 13 hints to resolve)
Issue Summary (0 errors, 1 warnings, 0 hints to resolve)
Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT
Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-core:3.1-SNAPSHOT
Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-parent:3.1-SNAPSHOT
Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-spec:3.1-SNAPSHOT
Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT
NPM::svg-marbles:1.0.0
Repository Configuration

Rule Violation Summary (10 errors, 14 warnings, 13 hints to resolve)

Issue Summary (0 errors, 1 warnings, 0 hints to resolve)

Issues from excluded components are not shown in this summary.

Packages

#	Package	Analyzer Issues	Scanner Issues
1	NPM::svg-marbles:1.0.0	NPM::svg-marbles:1.0.0 2023-03-04T16:51:22.706780257Z [WARNING]: NPM - The package-lock.json file was created with an old version of npm, so supplemental metadata must be fetched from the registry. This is a one-time fix-up, please be patient... debug@4.1.1: Debug versions >=3.2.0 <3.2.7 \|\| >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797) debug@3.2.6: Debug versions >=3.2.0 <3.2.7 \|\| >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797) puppeteer@1.13.0: < 19.2.0 is no longer supported

Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT (api/pom.xml)

VCS Information

Type	Git
URL	https://github.com/eclipse/microprofile-reactive-streams-operators.git
Path	api
Revision	554a48d1425058e8b610fad37e4d6a367d657a05

Packages

#	Package	Scopes	Licenses
1	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT		Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 34 locations) OFL-1.1 (exemplary link to the first of 2 locations) Effective License: Apache-2.0 AND OFL-1.1
2	Maven:org.osgi:org.osgi.annotation.versioning:1.0.0	provided Excluded: PROVIDED_DEPENDENCY_OF - Packages provided at runtime by the JDK or container only.	Concluded License: Apache-2.0 Declared Licenses: Apache-2.0 Effective License: Apache-2.0
3	Maven:org.reactivestreams:reactive-streams:1.0.3	compile	Declared Licenses: CC0-1.0 Effective License: CC0-1.0

Package

Scopes

Licenses

Analyzer Issues

Scanner Issues

Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT

Declared Licenses:

Apache-2.0

Detected Licenses (from VCS):

Apache-2.0 (exemplary link to the first of 34 locations)

OFL-1.1 (exemplary link to the first of 2 locations)

Effective License:

Apache-2.0 AND OFL-1.1

Maven:org.osgi:org.osgi.annotation.versioning:1.0.0

provided
Excluded: PROVIDED_DEPENDENCY_OF - Packages provided at runtime by the JDK or container only.

Concluded License:

Apache-2.0

Declared Licenses:

Apache-2.0

Effective License:

Apache-2.0

Maven:org.reactivestreams:reactive-streams:1.0.3

compile

Declared Licenses:

CC0-1.0

Effective License:

CC0-1.0

Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-core:3.1-SNAPSHOT (core/pom.xml)

VCS Information

Type	Git
URL	https://github.com/eclipse/microprofile-reactive-streams-operators.git
Path	core
Revision	554a48d1425058e8b610fad37e4d6a367d657a05

Packages

#	Package	Scopes	Licenses
1	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-core:3.1-SNAPSHOT		Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 17 locations) Effective License: Apache-2.0
2	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 34 locations) OFL-1.1 (exemplary link to the first of 2 locations) Effective License: Apache-2.0 AND OFL-1.1
3	Maven:org.osgi:org.osgi.annotation.versioning:1.0.0	provided Excluded: PROVIDED_DEPENDENCY_OF - Packages provided at runtime by the JDK or container only.	Concluded License: Apache-2.0 Declared Licenses: Apache-2.0 Effective License: Apache-2.0
4	Maven:org.reactivestreams:reactive-streams:1.0.3	compile	Declared Licenses: CC0-1.0 Effective License: CC0-1.0

Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-parent:3.1-SNAPSHOT (pom.xml)

VCS Information

Type	Git
URL	https://github.com/eclipse/microprofile-reactive-streams-operators.git
Path
Revision	554a48d1425058e8b610fad37e4d6a367d657a05

Packages

#	Package	Scopes	Licenses	Analyzer Issues	Scanner Issues
1	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-parent:3.1-SNAPSHOT		Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 119 locations) LicenseRef-scancode-efsl-1.0 (link to the location) OFL-1.1 (exemplary link to the first of 2 locations) Effective License: Apache-2.0 AND LicenseRef-scancode-efsl-1.0 AND OFL-1.1

Package

Scopes

Licenses

Analyzer Issues

Scanner Issues

Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-parent:3.1-SNAPSHOT

Declared Licenses:

Apache-2.0

Detected Licenses (from VCS):

Apache-2.0 (exemplary link to the first of 119 locations)

LicenseRef-scancode-efsl-1.0 (link to the location)

OFL-1.1 (exemplary link to the first of 2 locations)

Effective License:

Apache-2.0 AND LicenseRef-scancode-efsl-1.0 AND OFL-1.1

Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-spec:3.1-SNAPSHOT (spec/pom.xml)

VCS Information

Type	Git
URL	https://github.com/eclipse/microprofile-reactive-streams-operators.git
Path	spec
Revision	554a48d1425058e8b610fad37e4d6a367d657a05

Packages

#	Package	Scopes	Licenses	Analyzer Issues	Scanner Issues
1	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-spec:3.1-SNAPSHOT		Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 15 locations) LicenseRef-scancode-efsl-1.0 (link to the location) Effective License: Apache-2.0 AND LicenseRef-scancode-efsl-1.0

Package

Scopes

Licenses

Analyzer Issues

Scanner Issues

Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-spec:3.1-SNAPSHOT

Declared Licenses:

Apache-2.0

Detected Licenses (from VCS):

Apache-2.0 (exemplary link to the first of 15 locations)

LicenseRef-scancode-efsl-1.0 (link to the location)

Effective License:

Apache-2.0 AND LicenseRef-scancode-efsl-1.0

Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT (tck/pom.xml)

VCS Information

Type	Git
URL	https://github.com/eclipse/microprofile-reactive-streams-operators.git
Path	tck
Revision	554a48d1425058e8b610fad37e4d6a367d657a05

Packages

#	Package	Scopes	Licenses
1	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT		Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 47 locations) Effective License: Apache-2.0
2	Maven:com.beust:jcommander:1.78	compile	Concluded License: Apache-2.0 Declared Licenses: Apache-2.0 Detected Licenses (from artifact): Apache-2.0 (exemplary link to the first of 40 locations) Effective License: Apache-2.0
3	Maven:jakarta.annotation:jakarta.annotation-api:2.0.0	provided Excluded: PROVIDED_DEPENDENCY_OF - Packages provided at runtime by the JDK or container only.	Declared Licenses: EPL-2.0 GPL-2.0-only WITH Classpath-exception-2.0 Detected Licenses (from VCS): CDDL-1.0 (link to the location) EPL-2.0 (exemplary link to the first of 25 locations) GPL-2.0-only (link to the location) GPL-2.0-only WITH Classpath-exception-2.0 (exemplary link to the first of 24 locations) LicenseRef-scancode-efsl-1.0 (exemplary link to the first of 2 locations) NOASSERTION (link to the location) NOASSERTION WITH Classpath-exception-2.0 (link to the location) Effective License: CDDL-1.0 AND EPL-2.0 AND GPL-2.0-only AND GPL-2.0-only WITH Classpath-exception-2.0 AND LicenseRef-scancode-efsl-1.0 AND NOASSERTION AND NOASSERTION WITH Classpath-exception-2.0
4	Maven:jakarta.enterprise:jakarta.enterprise.cdi-api:3.0.0	provided Excluded: PROVIDED_DEPENDENCY_OF - Packages provided at runtime by the JDK or container only.	Declared Licenses: Apache-2.0 Detected Licenses (from artifact): Apache-2.0 (exemplary link to the first of 140 locations) EPL-2.0 (link to the location) NOASSERTION (exemplary link to the first of 3 locations) Effective License: Apache-2.0 AND EPL-2.0 AND NOASSERTION OR Apache-2.0 AND NOASSERTION
5	Maven:jakarta.inject:jakarta.inject-api:2.0.0	provided Excluded: PROVIDED_DEPENDENCY_OF - Packages provided at runtime by the JDK or container only.	Declared Licenses: Apache-2.0 Detected Licenses (from artifact): Apache-2.0 (exemplary link to the first of 11 locations) BSD-3-Clause (link to the location) Effective License: Apache-2.0 AND BSD-3-Clause
6	Maven:jakarta.interceptor:jakarta.interceptor-api:2.0.0	provided Excluded: PROVIDED_DEPENDENCY_OF - Packages provided at runtime by the JDK or container only.	Declared Licenses: EPL-2.0 GPL-2.0-only WITH Classpath-exception-2.0 Detected Licenses (from artifact): CDDL-1.0 (exemplary link to the first of 2 locations) EPL-2.0 (exemplary link to the first of 18 locations) GPL-2.0-only (link to the location) GPL-2.0-only WITH Classpath-exception-2.0 (exemplary link to the first of 16 locations) NOASSERTION (link to the location) NOASSERTION WITH Classpath-exception-2.0 (exemplary link to the first of 2 locations) Effective License: CDDL-1.0 AND EPL-2.0 AND GPL-2.0-only AND GPL-2.0-only WITH Classpath-exception-2.0 AND NOASSERTION AND NOASSERTION WITH Classpath-exception-2.0
7	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT	provided Excluded: PROVIDED_DEPENDENCY_OF - Packages provided at runtime by the JDK or container only.	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 34 locations) OFL-1.1 (exemplary link to the first of 2 locations) Effective License: Apache-2.0 AND OFL-1.1
8	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-core:3.1-SNAPSHOT	test Excluded: TEST_DEPENDENCY_OF - Packages for testing only.	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 17 locations) Effective License: Apache-2.0
9	Maven:org.jboss.arquillian.config:arquillian-config-api:1.7.0.Alpha9	compile	Concluded License: Apache-2.0 Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
10	Maven:org.jboss.arquillian.config:arquillian-config-impl-base:1.7.0.Alpha9	compile	Concluded License: Apache-2.0 Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
11	Maven:org.jboss.arquillian.config:arquillian-config-spi:1.7.0.Alpha9	compile	Concluded License: Apache-2.0 Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
12	Maven:org.jboss.arquillian.container:arquillian-container-impl-base:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
13	Maven:org.jboss.arquillian.container:arquillian-container-spi:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
14	Maven:org.jboss.arquillian.container:arquillian-container-test-api:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
15	Maven:org.jboss.arquillian.container:arquillian-container-test-impl-base:1.7.0.Alpha9	compile	Concluded License: Apache-2.0 Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
16	Maven:org.jboss.arquillian.container:arquillian-container-test-spi:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
17	Maven:org.jboss.arquillian.core:arquillian-core-api:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
18	Maven:org.jboss.arquillian.core:arquillian-core-impl-base:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
19	Maven:org.jboss.arquillian.core:arquillian-core-spi:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
20	Maven:org.jboss.arquillian.test:arquillian-test-api:1.7.0.Alpha9	compile	Concluded License: Apache-2.0 Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
21	Maven:org.jboss.arquillian.test:arquillian-test-impl-base:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
22	Maven:org.jboss.arquillian.test:arquillian-test-spi:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
23	Maven:org.jboss.arquillian.testng:arquillian-testng-container:1.7.0.Alpha9	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
24	Maven:org.jboss.arquillian.testng:arquillian-testng-core:1.7.0.Alpha9	compile	Concluded License: Apache-2.0 Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 630 locations) Effective License: Apache-2.0
25	Maven:org.jboss.shrinkwrap:shrinkwrap-api:1.2.6	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 254 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 2 locations) LicenseRef-scancode-public-domain-disclaimer (exemplary link to the first of 9 locations) Effective License: Apache-2.0 AND LicenseRef-scancode-public-domain AND LicenseRef-scancode-public-domain-disclaimer
26	Maven:org.jboss.shrinkwrap:shrinkwrap-impl-base:1.2.6	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 254 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 2 locations) LicenseRef-scancode-public-domain-disclaimer (exemplary link to the first of 9 locations) Effective License: Apache-2.0 AND LicenseRef-scancode-public-domain AND LicenseRef-scancode-public-domain-disclaimer
27	Maven:org.jboss.shrinkwrap:shrinkwrap-spi:1.2.6	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 254 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 2 locations) LicenseRef-scancode-public-domain-disclaimer (exemplary link to the first of 9 locations) Effective License: Apache-2.0 AND LicenseRef-scancode-public-domain AND LicenseRef-scancode-public-domain-disclaimer
28	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 173 locations) BSD-3-Clause (exemplary link to the first of 10 locations) CDDL-1.0 (exemplary link to the first of 56 locations) CDDL-1.1 (exemplary link to the first of 17 locations) EPL-1.0 (exemplary link to the first of 7 locations) GPL-2.0-only WITH Classpath-exception-2.0 (exemplary link to the first of 73 locations) LGPL-2.1-or-later (exemplary link to the first of 11 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 4 locations) Effective License: Apache-2.0 AND BSD-3-Clause AND CDDL-1.0 AND CDDL-1.1 AND EPL-1.0 AND GPL-2.0-only WITH Classpath-exception-2.0 AND LGPL-2.1-or-later AND LicenseRef-scancode-public-domain
29	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 173 locations) BSD-3-Clause (exemplary link to the first of 10 locations) CDDL-1.0 (exemplary link to the first of 56 locations) CDDL-1.1 (exemplary link to the first of 17 locations) EPL-1.0 (exemplary link to the first of 7 locations) GPL-2.0-only WITH Classpath-exception-2.0 (exemplary link to the first of 73 locations) LGPL-2.1-or-later (exemplary link to the first of 11 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 4 locations) Effective License: Apache-2.0 AND BSD-3-Clause AND CDDL-1.0 AND CDDL-1.1 AND EPL-1.0 AND GPL-2.0-only WITH Classpath-exception-2.0 AND LGPL-2.1-or-later AND LicenseRef-scancode-public-domain
30	Maven:org.reactivestreams:reactive-streams:1.0.3	provided Excluded: PROVIDED_DEPENDENCY_OF - Packages provided at runtime by the JDK or container only.	Declared Licenses: CC0-1.0 Effective License: CC0-1.0
31	Maven:org.reactivestreams:reactive-streams-examples:1.0.3	compile	Concluded License: CC0-1.0 Declared Licenses: CC0-1.0 Detected Licenses (from artifact): CC0-1.0 (exemplary link to the first of 12 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 12 locations) Effective License: CC0-1.0
32	Maven:org.reactivestreams:reactive-streams-tck:1.0.3	compile	Concluded License: CC0-1.0 Declared Licenses: CC0-1.0 Detected Licenses (from artifact): CC0-1.0 (exemplary link to the first of 32 locations) LicenseRef-scancode-public-domain (exemplary link to the first of 32 locations) Effective License: CC0-1.0
33	Maven:org.testng:testng:7.4.0	compile	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 8 locations) LicenseRef-scancode-proprietary-license (link to the location) MIT (exemplary link to the first of 2 locations) Effective License: Apache-2.0 AND LicenseRef-scancode-proprietary-license AND MIT
34	Maven:org.webjars:jquery:3.5.1	compile	Concluded License: MIT Declared Licenses: MIT Detected Licenses (from VCS): LicenseRef-scancode-jsr-107-jcache-spec-2013 (link to the location) MIT (link to the location) Effective License: MIT

NPM::svg-marbles:1.0.0 (api/package.json)

VCS Information

Type	Git
URL	https://github.com/eclipse/microprofile-reactive-streams-operators.git
Path	api
Revision	554a48d1425058e8b610fad37e4d6a367d657a05

Packages

#	Package	Scopes	Licenses	Analyzer Issues
1	NPM::svg-marbles:1.0.0		Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 34 locations) OFL-1.1 (exemplary link to the first of 2 locations) Effective License: Apache-2.0 AND OFL-1.1	2023-03-04T16:51:22.706780257Z [WARNING]: NPM - The package-lock.json file was created with an old version of npm, so supplemental metadata must be fetched from the registry. This is a one-time fix-up, please be patient... debug@4.1.1: Debug versions >=3.2.0 <3.2.7 \|\| >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797) debug@3.2.6: Debug versions >=3.2.0 <3.2.7 \|\| >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797) puppeteer@1.13.0: < 19.2.0 is no longer supported
2	NPM::agent-base:4.3.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
3	NPM::async-limiter:1.0.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
4	NPM::balanced-match:1.0.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 4 locations) Effective License: MIT
5	NPM::brace-expansion:1.1.11	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 5 locations) Effective License: MIT
6	NPM::buffer-crc32:0.2.13	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 5 locations) Effective License: MIT
7	NPM::buffer-from:1.1.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
8	NPM::concat-map:0.0.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from artifact): MIT Effective License: MIT
9	NPM::concat-stream:1.6.2	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from artifact): MIT Effective License: MIT
10	NPM::core-util-is:1.0.2	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Concluded License: MIT Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) NOASSERTION (link to the location) Effective License: MIT
11	NPM::debug:2.6.9	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 6 locations) Effective License: MIT
12	NPM::debug:3.2.6	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 6 locations) Effective License: MIT
13	NPM::debug:4.1.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 6 locations) Effective License: MIT
14	NPM::es6-promise:4.2.8	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
15	NPM::es6-promisify:5.0.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
16	NPM::extract-zip:1.7.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: BSD-2-Clause Detected Licenses (from VCS): BSD-2-Clause (exemplary link to the first of 2 locations) Effective License: BSD-2-Clause
17	NPM::fd-slicer:1.1.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
18	NPM::fs.realpath:1.0.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: ISC Detected Licenses (from VCS): ISC (exemplary link to the first of 2 locations) MIT (exemplary link to the first of 3 locations) Effective License: ISC AND MIT
19	NPM::glob:7.1.2	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: ISC Detected Licenses (from VCS): ISC (exemplary link to the first of 4 locations) MIT (link to the location) Effective License: ISC AND MIT
20	NPM::glob:7.1.6	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: ISC Detected Licenses (from VCS): CC-BY-SA-4.0 (exemplary link to the first of 2 locations) ISC (exemplary link to the first of 4 locations) MIT (link to the location) NOASSERTION (link to the location) Effective License: CC-BY-SA-4.0 AND ISC AND MIT AND NOASSERTION
21	NPM::https-proxy-agent:2.2.4	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
22	NPM::inflight:1.0.6	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: ISC Detected Licenses (from VCS): ISC (exemplary link to the first of 3 locations) Effective License: ISC
23	NPM::inherits:2.0.3	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: ISC Detected Licenses (from VCS): ISC (exemplary link to the first of 3 locations) Effective License: ISC
24	NPM::interpret:1.1.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
25	NPM::isarray:1.0.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 4 locations) Effective License: MIT
26	NPM::mime:2.4.6	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
27	NPM::minimatch:3.0.4	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: ISC Detected Licenses (from VCS): ISC (exemplary link to the first of 3 locations) Effective License: ISC
28	NPM::minimist:1.2.5	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from artifact): MIT Effective License: MIT
29	NPM::mkdirp:0.5.5	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from artifact): MIT Effective License: MIT
30	NPM::ms:2.0.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
31	NPM::ms:2.1.2	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Concluded License: MIT Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
32	NPM::once:1.4.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: ISC Detected Licenses (from VCS): ISC (exemplary link to the first of 3 locations) Effective License: ISC
33	NPM::path-is-absolute:1.0.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 4 locations) Effective License: MIT
34	NPM::path-parse:1.0.6	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 4 locations) Effective License: MIT
35	NPM::pend:1.2.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
36	NPM::process-nextick-args:2.0.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
37	NPM::progress:2.0.3	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 5 locations) Effective License: MIT
38	NPM::proxy-from-env:1.1.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT
39	NPM::puppeteer:1.13.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: Apache-2.0 Detected Licenses (from VCS): Apache-2.0 (exemplary link to the first of 130 locations) BSD-3-Clause (link to the location) LicenseRef-scancode-public-domain (link to the location) NOASSERTION (exemplary link to the first of 4 locations) OFL-1.1 (exemplary link to the first of 3 locations) Effective License: Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-public-domain AND NOASSERTION AND OFL-1.1
40	NPM::readable-stream:2.3.7	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Concluded License: MIT Declared Licenses: MIT Detected Licenses (from VCS): LicenseRef-scancode-dco-1.1 (link to the location) MIT (exemplary link to the first of 50 locations) Effective License: MIT
41	NPM::rechoir:0.6.2	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Concluded License: MIT Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 2 locations) Effective License: MIT
42	NPM::resolve:1.8.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 4 locations) Effective License: MIT
43	NPM::rimraf:2.7.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: ISC Detected Licenses (from VCS): ISC (exemplary link to the first of 3 locations) Effective License: ISC
44	NPM::safe-buffer:5.1.2	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 4 locations) Effective License: MIT
45	NPM::shelljs:0.8.2	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: BSD-3-Clause Detected Licenses (from VCS): BSD-3-Clause (exemplary link to the first of 3 locations) MIT (exemplary link to the first of 2 locations) Effective License: BSD-3-Clause AND MIT
46	NPM::string_decoder:1.1.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 7 locations) Effective License: MIT
47	NPM::svg.js:2.6.5	dependencies	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 10 locations) Effective License: MIT
48	NPM::typedarray:0.0.6	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from artifact): MIT Effective License: MIT
49	NPM::util-deprecate:1.0.2	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Concluded License: MIT Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 5 locations) Effective License: MIT
50	NPM::wrappy:1.0.2	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: ISC Detected Licenses (from VCS): ISC (exemplary link to the first of 3 locations) Effective License: ISC
51	NPM::ws:6.2.1	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 4 locations) Effective License: MIT
52	NPM::yauzl:2.10.0	devDependencies Excluded: DEV_DEPENDENCY_OF - Packages for development only.	Declared Licenses: MIT Detected Licenses (from VCS): MIT (exemplary link to the first of 3 locations) Effective License: MIT

Repository Configuration


---
excludes:
  paths:
  - pattern: "**/META-INF/DEPENDENCIES"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/META-INF/NOTICE*"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/*.svg"
    reason: "BUILD_TOOL_OF"
    comment: "SVG files do not contain any license information."
  - pattern: "package-lock.json"
    reason: "BUILD_TOOL_OF"
    comment: "Does not contain any license information."
  scopes:
  - pattern: "devDependencies"
    reason: "DEV_DEPENDENCY_OF"
    comment: "Packages for development only."
  - pattern: "provided"
    reason: "PROVIDED_DEPENDENCY_OF"
    comment: "Packages provided at runtime by the JDK or container only."
  - pattern: "test"
    reason: "TEST_DEPENDENCY_OF"
    comment: "Packages for testing only."

#	Rule	Package	License	Message
1	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0	DETECTED: CDDL-1.0	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license CDDL-1.0 of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0'. Software under a copyleft license such as the CDDL-1.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
2	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0	DETECTED: CDDL-1.1	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license CDDL-1.1 of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0'. Software under a copyleft license such as the CDDL-1.1 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
3	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0	DETECTED: EPL-1.0	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
4	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0	DETECTED: GPL-2.0-only WITH Classpath-exception-2.0	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license GPL-2.0-only (simplified from 'GPL-2.0-only WITH Classpath-exception-2.0') of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
5	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0	DETECTED: LGPL-2.1-or-later	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license LGPL-2.1-or-later of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0'. Software under a copyleft license such as the LGPL-2.1-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
6	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0	DETECTED: CDDL-1.0	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license CDDL-1.0 of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0'. Software under a copyleft license such as the CDDL-1.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
7	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0	DETECTED: CDDL-1.1	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license CDDL-1.1 of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0'. Software under a copyleft license such as the CDDL-1.1 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
8	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0	DETECTED: EPL-1.0	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
9	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0	DETECTED: GPL-2.0-only WITH Classpath-exception-2.0	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license GPL-2.0-only (simplified from 'GPL-2.0-only WITH Classpath-exception-2.0') of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
10	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0	DETECTED: LGPL-2.1-or-later	The outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is incompatible with the inbound license LGPL-2.1-or-later of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0'. Software under a copyleft license such as the LGPL-2.1-or-later license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses. How to fix Remove the dependency on 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0' or put 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' under a different license.
11	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT	DETECTED: OFL-1.1	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-core:3.1-SNAPSHOT' is compatible with the inbound license OFL-1.1 of its dependency 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
12	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT	DETECTED: OFL-1.1	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license OFL-1.1 of its dependency 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
13	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap:shrinkwrap-api:1.2.6	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-api:1.2.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
14	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap:shrinkwrap-api:1.2.6	DETECTED: LicenseRef-scancode-public-domain-disclaimer	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain-disclaimer of its dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-api:1.2.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
15	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap:shrinkwrap-impl-base:1.2.6	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-impl-base:1.2.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
16	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap:shrinkwrap-impl-base:1.2.6	DETECTED: LicenseRef-scancode-public-domain-disclaimer	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain-disclaimer of its dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-impl-base:1.2.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
17	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap:shrinkwrap-spi:1.2.6	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-spi:1.2.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
18	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap:shrinkwrap-spi:1.2.6	DETECTED: LicenseRef-scancode-public-domain-disclaimer	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain-disclaimer of its dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-spi:1.2.6'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
19	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
20	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0	DETECTED: LicenseRef-scancode-public-domain	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
21	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.reactivestreams:reactive-streams:1.0.3	DECLARED: CC0-1.0	It is unknown whether the outbound license OFL-1.1 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-api:3.1-SNAPSHOT' is compatible with the inbound license CC0-1.0 of its dependency 'Maven:org.reactivestreams:reactive-streams:1.0.3'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
22	OSADL_PROJECT_LICENSE_COMPATIBILITY	Maven:org.testng:testng:7.4.0	DETECTED: LicenseRef-scancode-proprietary-license	It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-tck:3.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-proprietary-license of its dependency 'Maven:org.testng:testng:7.4.0'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
23	OSADL_PROJECT_LICENSE_COMPATIBILITY	NPM::svg.js:2.6.5	DECLARED: MIT	It is unknown whether the outbound license OFL-1.1 of project 'NPM::svg-marbles:1.0.0' is compatible with the inbound license MIT of its dependency 'NPM::svg.js:2.6.5'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
24	OSADL_PROJECT_LICENSE_COMPATIBILITY	NPM::svg.js:2.6.5	DETECTED: MIT	It is unknown whether the outbound license OFL-1.1 of project 'NPM::svg-marbles:1.0.0' is compatible with the inbound license MIT of its dependency 'NPM::svg.js:2.6.5'. This combination of licenses is not covered by the compliance matrix. How to fix Get legal advice and eventually create a (global) rule violation resolution.
25	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap:shrinkwrap-api:1.2.6	DETECTED: LicenseRef-scancode-public-domain	License LicenseRef-scancode-public-domain of dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-api:1.2.6' is unclassified. How to fix Classify LicenseRef-scancode-public-domain as either approved or restricted.
26	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap:shrinkwrap-api:1.2.6	DETECTED: LicenseRef-scancode-public-domain-disclaimer	License LicenseRef-scancode-public-domain-disclaimer of dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-api:1.2.6' is unclassified. How to fix Classify LicenseRef-scancode-public-domain-disclaimer as either approved or restricted.
27	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap:shrinkwrap-impl-base:1.2.6	DETECTED: LicenseRef-scancode-public-domain	License LicenseRef-scancode-public-domain of dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-impl-base:1.2.6' is unclassified. How to fix Classify LicenseRef-scancode-public-domain as either approved or restricted.
28	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap:shrinkwrap-impl-base:1.2.6	DETECTED: LicenseRef-scancode-public-domain-disclaimer	License LicenseRef-scancode-public-domain-disclaimer of dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-impl-base:1.2.6' is unclassified. How to fix Classify LicenseRef-scancode-public-domain-disclaimer as either approved or restricted.
29	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap:shrinkwrap-spi:1.2.6	DETECTED: LicenseRef-scancode-public-domain	License LicenseRef-scancode-public-domain of dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-spi:1.2.6' is unclassified. How to fix Classify LicenseRef-scancode-public-domain as either approved or restricted.
30	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap:shrinkwrap-spi:1.2.6	DETECTED: LicenseRef-scancode-public-domain-disclaimer	License LicenseRef-scancode-public-domain-disclaimer of dependency 'Maven:org.jboss.shrinkwrap:shrinkwrap-spi:1.2.6' is unclassified. How to fix Classify LicenseRef-scancode-public-domain-disclaimer as either approved or restricted.
31	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0	DETECTED: GPL-2.0-only WITH Classpath-exception-2.0	License GPL-2.0-only WITH Classpath-exception-2.0 of dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0' is unclassified. How to fix Classify GPL-2.0-only WITH Classpath-exception-2.0 as either approved or restricted.
32	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0	DETECTED: LicenseRef-scancode-public-domain	License LicenseRef-scancode-public-domain of dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-api-base:2.0.0' is unclassified. How to fix Classify LicenseRef-scancode-public-domain as either approved or restricted.
33	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0	DETECTED: GPL-2.0-only WITH Classpath-exception-2.0	License GPL-2.0-only WITH Classpath-exception-2.0 of dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0' is unclassified. How to fix Classify GPL-2.0-only WITH Classpath-exception-2.0 as either approved or restricted.
34	DEPENDENCY_LICENSE_CHECK	Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0	DETECTED: LicenseRef-scancode-public-domain	License LicenseRef-scancode-public-domain of dependency 'Maven:org.jboss.shrinkwrap.descriptors:shrinkwrap-descriptors-spi:2.0.0' is unclassified. How to fix Classify LicenseRef-scancode-public-domain as either approved or restricted.
35	DEPENDENCY_LICENSE_CHECK	Maven:org.testng:testng:7.4.0	DETECTED: LicenseRef-scancode-proprietary-license	License LicenseRef-scancode-proprietary-license of dependency 'Maven:org.testng:testng:7.4.0' is unclassified. How to fix Classify LicenseRef-scancode-proprietary-license as either approved or restricted.
36	PROJECT_LICENSE_CHECK	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-parent:3.1-SNAPSHOT	DETECTED: LicenseRef-scancode-efsl-1.0	License LicenseRef-scancode-efsl-1.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-parent:3.1-SNAPSHOT' is unclassified. How to fix Classify LicenseRef-scancode-efsl-1.0 as either approved or restricted.
37	PROJECT_LICENSE_CHECK	Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-spec:3.1-SNAPSHOT	DETECTED: LicenseRef-scancode-efsl-1.0	License LicenseRef-scancode-efsl-1.0 of project 'Maven:org.eclipse.microprofile.reactive-streams-operators:microprofile-reactive-streams-operators-spec:3.1-SNAPSHOT' is unclassified. How to fix Classify LicenseRef-scancode-efsl-1.0 as either approved or restricted.