Policies

In the Policies section it is possible to create, modify, or delete the policies related to the licenses of open-source components. Every policy can be associated with a set of projects using regular expressions or tags.

Every rule defines which licenses are or are not allowed. Licenses are identified using the SPDX standard, with specific extensions for some proprietary licenses and for licenses specific to some software producers.

The policies screen

The system already provides pre-compiled templates to manage some common cases:

  • exclusion of all Copyleft licenses

  • exclusion of all Affero licenses

  • exclusion of all GPL licenses

Structure of a policy

A policy contains a list of licenses, and can be of two different types:

  • DENY: it will deny all licenses listed in the policy

  • ALLOW: it will allow only the licenses listed in the policy

All policies applicable to a project, whether by tag or by regular-expression matching, will be computed together. In case of a violation, the policy will be clearly indicated in the report.
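
The following sketch shows how DENY and ALLOW policies could be evaluated together for one project. It is an added example, not the product's own code. The `Policy` class, the `evaluate` function, the full-name regex matching, the rule that a license is a violation if any applicable policy rejects it, and all sample data are assumptions made for illustration.

```python
import re
from dataclasses import dataclass, field


@dataclass
class Policy:
    name: str
    kind: str                                # "DENY" or "ALLOW"
    licenses: set                            # SPDX identifiers
    project_regex: str = ""                  # association by project-name matching
    tags: set = field(default_factory=set)   # association by tag

    def applies_to(self, project_name, project_tags):
        # Assumption: the regex must match the whole project name.
        by_regex = bool(self.project_regex
                        and re.fullmatch(self.project_regex, project_name))
        return by_regex or bool(self.tags & project_tags)

    def rejects(self, spdx_id):
        if self.kind == "DENY":
            return spdx_id in self.licenses
        # ALLOW: any license not on the list is a violation.
        return spdx_id not in self.licenses


def evaluate(project_name, project_tags, components, policies):
    """Return (component, license, policy name) for every violation."""
    applicable = [p for p in policies if p.applies_to(project_name, project_tags)]
    return [(comp, lic, p.name)
            for comp, lic in components
            for p in applicable
            if p.rejects(lic)]


# Constructed sample policies and components (hypothetical names).
POLICIES = [
    Policy("no-affero", "DENY", {"AGPL-3.0-only", "AGPL-3.0-or-later"},
           project_regex=r"web-.*"),
    Policy("permissive-only", "ALLOW", {"MIT", "Apache-2.0", "BSD-3-Clause"},
           tags={"distributed"}),
    Policy("no-gpl", "DENY", {"GPL-2.0-only", "GPL-3.0-only"}, tags={"firmware"}),
]
COMPONENTS = [("left-lib", "MIT"), ("graph-db", "AGPL-3.0-only"),
              ("parser", "GPL-3.0-only")]

if __name__ == "__main__":
    for comp, lic, policy in evaluate("web-portal", {"distributed"},
                                      COMPONENTS, POLICIES):
        print(f"VIOLATION {comp}: {lic} rejected by policy '{policy}'")
```

Note that a single ALLOW policy applied alongside DENY policies flags every license it does not list, so a component can be reported against more than one policy at once.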
