cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
sewechad
Active participant

“I don’t know” license type should not be published

The automated component detection creates inventory items with unknown license types. This happens under the following scenarios:

  • Automated component detection publishes inventory items with "I don't know" license type
    • There are multiple license options (i.e. CDDL or GPL with Classpath Exception)
    • The component does not have a license
  • Automated component detection creates unpublished inventory items with "Work In Progress" license type

The published items with the "I don't know" license type are labeld as P3 and marked as “Pending”. It does not make sense to me that an inventory item can be published for approval if the license type is not known.

If a license cannot be determined, the automated fining should be unpublished state so that the analyst can determine the correct license type.

0 Kudos