The automated component detection only identifies sub-components of a larger development framework. For example, our developers may be using Spring Boot framework, Angular 7 framework, etc. and CodeInsight will find 100+ sub-components and provide no hierarchy information for which components belong to the larger framework. This causes our analysts to waste a lot of effort researching the license of the sub-component.
The product should provide a method for establishing a license component hierarchy (see examples below) for complex open source frameworks so that we don’t have to waste a lot of effort researching obscure sub-component licenses.
Apache CXF (Apache 2.0)
Component 1 (MIT)
WSDL4J (CPL) à Weak Copyleft but follows ASF policy guidelines to only include binary file