# | Rule | Package | License | Message |
---|---|---|---|---|
1 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:ch.qos.logback:logback-classic:1.1.11 | DETECTED: LGPL-2.1-only |
The outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is incompatible with the inbound license LGPL-2.1-only of its dependency 'Maven:ch.qos.logback:logback-classic:1.1.11'. Software under a copyleft license such as the LGPL-2.1-only license normally cannot be redistributed under another copyleft license such as the EPL-1.0 license, except if it were explicitly permitted in the licenses. How to fixRemove the dependency on 'Maven:ch.qos.logback:logback-classic:1.1.11' or put 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' under a different license. |
2 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:ch.qos.logback:logback-classic:1.1.11 | DECLARED: LGPL-2.1-or-later |
The outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is incompatible with the inbound license LGPL-2.1-or-later of its dependency 'Maven:ch.qos.logback:logback-classic:1.1.11'. Software under a copyleft license such as the LGPL-2.1-or-later license normally cannot be redistributed under another copyleft license such as the EPL-1.0 license, except if it were explicitly permitted in the licenses. How to fixRemove the dependency on 'Maven:ch.qos.logback:logback-classic:1.1.11' or put 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' under a different license. |
3 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:ch.qos.logback:logback-core:1.1.11 | DETECTED: LGPL-2.1-only |
The outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is incompatible with the inbound license LGPL-2.1-only of its dependency 'Maven:ch.qos.logback:logback-core:1.1.11'. Software under a copyleft license such as the LGPL-2.1-only license normally cannot be redistributed under another copyleft license such as the EPL-1.0 license, except if it were explicitly permitted in the licenses. How to fixRemove the dependency on 'Maven:ch.qos.logback:logback-core:1.1.11' or put 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' under a different license. |
4 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:ch.qos.logback:logback-core:1.1.11 | DECLARED: LGPL-2.1-or-later |
The outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is incompatible with the inbound license LGPL-2.1-or-later of its dependency 'Maven:ch.qos.logback:logback-core:1.1.11'. Software under a copyleft license such as the LGPL-2.1-or-later license normally cannot be redistributed under another copyleft license such as the EPL-1.0 license, except if it were explicitly permitted in the licenses. How to fixRemove the dependency on 'Maven:ch.qos.logback:logback-core:1.1.11' or put 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' under a different license. |
5 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:javax.annotation:javax.annotation-api:1.2 | DECLARED: CDDL-1.0 |
The outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is incompatible with the inbound license CDDL-1.0 of its dependency 'Maven:javax.annotation:javax.annotation-api:1.2'. Software under a copyleft license such as the CDDL-1.0 license normally cannot be redistributed under another copyleft license such as the EPL-1.0 license, except if it were explicitly permitted in the licenses. How to fixRemove the dependency on 'Maven:javax.annotation:javax.annotation-api:1.2' or put 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' under a different license. |
6 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:javax.annotation:javax.annotation-api:1.2 | DECLARED: GPL-2.0-only WITH Classpath-exception-2.0 |
The outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is incompatible with the inbound license GPL-2.0-only (simplified from 'GPL-2.0-only WITH Classpath-exception-2.0') of its dependency 'Maven:javax.annotation:javax.annotation-api:1.2'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under another copyleft license such as the EPL-1.0 license, except if it were explicitly permitted in the licenses. How to fixRemove the dependency on 'Maven:javax.annotation:javax.annotation-api:1.2' or put 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' under a different license. |
7 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:junit:junit:4.13.2 | CONCLUDED: EPL-2.0 |
The outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:junit:junit:4.13.2'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under another copyleft license such as the EPL-1.0 license, except if it were explicitly permitted in the licenses. How to fixRemove the dependency on 'Maven:junit:junit:4.13.2' or put 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' under a different license. |
8 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:aopalliance:aopalliance:1.0 | CONCLUDED: LicenseRef-Public-Domain |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license LicenseRef-Public-Domain of its dependency 'Maven:aopalliance:aopalliance:1.0'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
9 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:com.google.guava:guava:16.0.1 | DETECTED: CC-PDDC |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license CC-PDDC of its dependency 'Maven:com.google.guava:guava:16.0.1'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
10 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:com.google.guava:guava:16.0.1 | DETECTED: LicenseRef-scancode-public-domain |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'Maven:com.google.guava:guava:16.0.1'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
11 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:org.codehaus.plexus:plexus-classworlds:2.6.0 | DETECTED: Plexus |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license Plexus of its dependency 'Maven:org.codehaus.plexus:plexus-classworlds:2.6.0'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
12 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: Apache-1.1 |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license Apache-1.1 of its dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0'. There is insufficient information or knowledge whether the Apache-1.1 license is compatible with the EPL-1.0 license or not. Therefore, a general recommendation on the compatibility of the Apache-1.1 license with the EPL-1.0 license cannot be given. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
13 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: LicenseRef-scancode-indiana-extreme |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-indiana-extreme of its dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
14 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: LicenseRef-scancode-public-domain |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-public-domain of its dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
15 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: NOASSERTION |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
16 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: SAX-PD |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license SAX-PD of its dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
17 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: xpp |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license xpp of its dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
18 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:org.osgi:osgi.core:5.0.0 | DETECTED: Apache-1.1 |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license Apache-1.1 of its dependency 'Maven:org.osgi:osgi.core:5.0.0'. There is insufficient information or knowledge whether the Apache-1.1 license is compatible with the EPL-1.0 license or not. Therefore, a general recommendation on the compatibility of the Apache-1.1 license with the EPL-1.0 license cannot be given. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
19 | OSADL_PROJECT_LICENSE_COMPATIBILITY | Maven:org.osgi:osgi.core:5.0.0 | DETECTED: NOASSERTION |
It is unknown whether the outbound license EPL-1.0 of project 'Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:org.osgi:osgi.core:5.0.0'. This combination of licenses is not covered by the compliance matrix. How to fixGet legal advice and eventually create a (global) rule violation resolution. |
20 | DEPENDENCY_LICENSE_CHECK | Maven:aopalliance:aopalliance:1.0 | CONCLUDED: LicenseRef-Public-Domain |
License LicenseRef-Public-Domain of dependency 'Maven:aopalliance:aopalliance:1.0' is unclassified. How to fixClassify LicenseRef-Public-Domain as either approved or restricted. |
21 | DEPENDENCY_LICENSE_CHECK | Maven:com.google.guava:guava:16.0.1 | DETECTED: CC-PDDC |
License CC-PDDC of dependency 'Maven:com.google.guava:guava:16.0.1' is unclassified. How to fixClassify CC-PDDC as either approved or restricted. |
22 | DEPENDENCY_LICENSE_CHECK | Maven:com.google.guava:guava:16.0.1 | DETECTED: LicenseRef-scancode-public-domain |
License LicenseRef-scancode-public-domain of dependency 'Maven:com.google.guava:guava:16.0.1' is unclassified. How to fixClassify LicenseRef-scancode-public-domain as either approved or restricted. |
23 | DEPENDENCY_LICENSE_CHECK | Maven:javax.annotation:javax.annotation-api:1.2 | DECLARED: GPL-2.0-only WITH Classpath-exception-2.0 |
License GPL-2.0-only WITH Classpath-exception-2.0 of dependency 'Maven:javax.annotation:javax.annotation-api:1.2' is unclassified. How to fixClassify GPL-2.0-only WITH Classpath-exception-2.0 as either approved or restricted. |
24 | DEPENDENCY_LICENSE_CHECK | Maven:org.codehaus.plexus:plexus-classworlds:2.6.0 | DETECTED: Plexus |
License Plexus of dependency 'Maven:org.codehaus.plexus:plexus-classworlds:2.6.0' is unclassified. How to fixClassify Plexus as either approved or restricted. |
25 | DEPENDENCY_LICENSE_CHECK | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: LicenseRef-scancode-indiana-extreme |
License LicenseRef-scancode-indiana-extreme of dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0' is unclassified. How to fixClassify LicenseRef-scancode-indiana-extreme as either approved or restricted. |
26 | DEPENDENCY_LICENSE_CHECK | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: LicenseRef-scancode-public-domain |
License LicenseRef-scancode-public-domain of dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0' is unclassified. How to fixClassify LicenseRef-scancode-public-domain as either approved or restricted. |
27 | DEPENDENCY_LICENSE_CHECK | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: NOASSERTION |
License NOASSERTION of dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0' is unclassified. How to fixClassify NOASSERTION as either approved or restricted. |
28 | DEPENDENCY_LICENSE_CHECK | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: SAX-PD |
License SAX-PD of dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0' is unclassified. How to fixClassify SAX-PD as either approved or restricted. |
29 | DEPENDENCY_LICENSE_CHECK | Maven:org.codehaus.plexus:plexus-utils:3.3.0 | DETECTED: xpp |
License xpp of dependency 'Maven:org.codehaus.plexus:plexus-utils:3.3.0' is unclassified. How to fixClassify xpp as either approved or restricted. |
30 | DEPENDENCY_LICENSE_CHECK | Maven:org.osgi:osgi.core:5.0.0 | DETECTED: NOASSERTION |
License NOASSERTION of dependency 'Maven:org.osgi:osgi.core:5.0.0' is unclassified. How to fixClassify NOASSERTION as either approved or restricted. |
31 | PROJECT_LICENSE_CHECK | Maven:org.eclipse.sisu:sisu-plexus:0.9.0-SNAPSHOT | DETECTED: GPL-1.0-or-later |
License GPL-1.0-or-later of project 'Maven:org.eclipse.sisu:sisu-plexus:0.9.0-SNAPSHOT' is unclassified. How to fixClassify GPL-1.0-or-later as either approved or restricted. |
32 | PROJECT_LICENSE_CHECK | Maven:org.eclipse.sisu:sisu-plexus:0.9.0-SNAPSHOT | DETECTED: GPL-2.0-only |
License GPL-2.0-only of project 'Maven:org.eclipse.sisu:sisu-plexus:0.9.0-SNAPSHOT' is unclassified. How to fixClassify GPL-2.0-only as either approved or restricted. |
Issues from excluded components are not shown in this summary.
# | Package | Analyzer Issues | Scanner Issues |
---|---|---|---|
1 | Maven:javax.annotation:javax.annotation-api:1.2 | Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT
|
Type | Git |
URL | https://github.com/eclipse/sisu.plexus.git |
Path | org.eclipse.sisu.plexus |
Revision | ba5139e5f8562a22644ef5bd6b772d00baa9c880 |
# | Package | Scopes | Licenses | Analyzer Issues | Scanner Issues |
---|---|---|---|---|---|
1 | Maven:org.eclipse.sisu:org.eclipse.sisu.plexus:0.9.0-SNAPSHOT | Declared Licenses: |
|
|
|
2 | Maven:aopalliance:aopalliance:1.0 |
|
Concluded License:
|
|
|
3 | Maven:ch.qos.logback:logback-classic:1.1.11 |
|
Declared Licenses:
|
|
|
4 | Maven:ch.qos.logback:logback-core:1.1.11 |
|
Declared Licenses:
|
|
|
5 | Maven:com.google.guava:guava:16.0.1 |
|
Declared Licenses:
|
|
|
6 | Maven:com.google.inject:guice:4.0 |
|
Concluded License:
|
|
|
7 | Maven:javax.annotation:javax.annotation-api:1.2 |
|
Declared Licenses: |
|
|
8 | Maven:javax.enterprise:cdi-api:1.2 |
|
Concluded License: |
|
|
9 | Maven:javax.inject:javax.inject:1 |
|
Concluded License:
|
|
|
10 | Maven:junit:junit:4.13.2 |
|
Concluded License:
|
|
|
11 | Maven:org.codehaus.plexus:plexus-classworlds:2.6.0 |
|
Declared Licenses:
|
|
|
12 | Maven:org.codehaus.plexus:plexus-component-annotations:2.1.0 |
|
Concluded License:
|
|
|
13 | Maven:org.codehaus.plexus:plexus-utils:3.3.0 |
|
Declared Licenses:
|
|
|
14 | Maven:org.eclipse.sisu:org.eclipse.sisu.inject:0.9.0-20211026.154805-10 |
|
|
|
|
15 | Maven:org.hamcrest:hamcrest-core:1.3 |
|
Concluded License: |
|
|
16 | Maven:org.osgi:osgi.core:5.0.0 |
|
Declared Licenses:
|
|
|
17 | Maven:org.slf4j:slf4j-api:1.7.36 |
|
Declared Licenses: |
|
|
Type | Git |
URL | https://github.com/eclipse/sisu.plexus.git |
Path | org.eclipse.sisu.plexus.extender |
Revision | ba5139e5f8562a22644ef5bd6b772d00baa9c880 |
# | Package | Scopes | Licenses | Analyzer Issues | Scanner Issues |
---|---|---|---|---|---|
1 | Maven:org.eclipse.sisu:org.eclipse.sisu.plexus.extender:0.9.0-SNAPSHOT | Declared Licenses: |
|
|
Type | Git |
URL | https://github.com/eclipse/sisu.plexus.git |
Path | |
Revision | ba5139e5f8562a22644ef5bd6b772d00baa9c880 |
# | Package | Scopes | Licenses | Analyzer Issues | Scanner Issues |
---|---|---|---|---|---|
1 | Maven:org.eclipse.sisu:sisu-plexus:0.9.0-SNAPSHOT | Declared Licenses:
|
|
|
---
excludes:
paths:
- pattern: "**/META-INF/DEPENDENCIES"
reason: "BUILD_TOOL_OF"
comment: "Licenses contained in this directory reflect content analysed elsewhere."
- pattern: "**/META-INF/NOTICE*"
reason: "BUILD_TOOL_OF"
comment: "Licenses contained in this directory reflect content analysed elsewhere."
- pattern: "**/*.svg"
reason: "BUILD_TOOL_OF"
comment: "SVG files do not contain any license information."
- pattern: "package-lock.json"
reason: "BUILD_TOOL_OF"
comment: "Does not contain any license information."