You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a dependency has multiple licenses detected, this can basically mean four things.
Either the code is dual-licensed under both licenses (for example net.java.dev.jna:jna:5.6.0),
or the parent POM is covered by one license and the POM itself is covered by another license (for example org.ow2.asm:asm:9.6),
or some parts are covered by one license and other parts are covered by another license (for example org.jacoco:org.jacoco.report:0.8.11),
or some license detection rules are erroneous (for example org.hamcrest:hamcrest:2.2).
In any case, you most probably have to have a deeper look into those cases and evaluate on a case-by-case basis what the situation is, so it would be nice to have a section that lists all dependencies that have multiple licenses detected in the inventory HTML report to have a work-list to go through.
The text was updated successfully, but these errors were encountered:
Vampire
changed the title
It would be nice if the inventory report had a section multiple licenses
It would be nice if the inventory report had a "multiple licenses" section
Apr 16, 2024
If a dependency has multiple licenses detected, this can basically mean four things.
Either the code is dual-licensed under both licenses (for example
net.java.dev.jna:jna:5.6.0
),or the parent POM is covered by one license and the POM itself is covered by another license (for example
org.ow2.asm:asm:9.6
),or some parts are covered by one license and other parts are covered by another license (for example
org.jacoco:org.jacoco.report:0.8.11
),or some license detection rules are erroneous (for example
org.hamcrest:hamcrest:2.2
).In any case, you most probably have to have a deeper look into those cases and evaluate on a case-by-case basis what the situation is, so it would be nice to have a section that lists all dependencies that have multiple licenses detected in the inventory HTML report to have a work-list to go through.
The text was updated successfully, but these errors were encountered: