Achieve Open Source License Compliance through Automation

As mentioned when we launched our license feature, we were working hard on extending our automation engine with license capabilities. Finally it’s all ready for you to try and use – let’s have a look at what can be achieved!

Creating license targeted automation rules

In the automation engine, you now have three license-related subjects to choose from when creating conditions:

  • One or more licenses – lets you, for example, ban specific licenses
  • License family – lets you, for example, ban a whole range of licenses, such as strong copyleft, in one go
  • License risk – lets you, for example, ban licenses carrying a high or higher risk
The three new license related subjects, license, license family and license risk.

You can now, for example, create a rule which fails your pipeline whenever a dependency with a high or higher license risk is introduced to your repository. The rule would look something like this:

Creating a rule which fails the pipeline whenever a new dependency is added with high or higher license risk. Don’t forget to hit save!

By creating such a rule we ensure that no high risk dependencies, from a license perspective, are allowed to enter our code base. How do we know if a license is high risk? By setting a Use Case, Debricked can calculate the license risk for you. You can read more about setting use cases for repositories here.
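The gate logic that such a rule expresses, sketched as an added example; it is not Debricked's code or API. The risk level names and their ordering, the license table, and the dependency names are all constructed assumptions, and unknown licenses are treated as worst case.

```python
"""License gate sketch. Not Debricked's engine; all tables below are constructed."""
import sys

# Assumed ordering of risk levels; "high or higher" means index >= index("high").
RISK_LEVELS = ["low", "medium", "high", "critical"]

# Constructed table: SPDX id -> (license family, assumed risk for one use case).
LICENSES = {
    "MIT": ("permissive", "low"),
    "Apache-2.0": ("permissive", "low"),
    "LGPL-3.0-only": ("weak copyleft", "medium"),
    "GPL-3.0-only": ("strong copyleft", "high"),
    "AGPL-3.0-only": ("strong copyleft", "critical"),
}

def violations(baseline, current, banned_licenses=(), banned_families=(), min_risk=None):
    """Return (dependency, license, reason) for each new or changed dependency that breaks a condition."""
    threshold = RISK_LEVELS.index(min_risk) if min_risk else None
    found = []
    for dep, lic in sorted(current.items()):
        if baseline.get(dep) == lic:
            continue  # unchanged since baseline: the rule targets newly introduced dependencies
        # Unknown licenses get the highest risk so they cannot slip through the gate.
        family, risk = LICENSES.get(lic, ("unknown", RISK_LEVELS[-1]))
        if lic in banned_licenses:
            found.append((dep, lic, "banned license"))
        elif family in banned_families:
            found.append((dep, lic, f"banned family: {family}"))
        elif threshold is not None and RISK_LEVELS.index(risk) >= threshold:
            found.append((dep, lic, f"risk {risk} >= {min_risk}"))
    return found

def main():
    # Constructed sample data: dependency name -> declared license.
    baseline = {"left-lib": "MIT", "old-gpl": "GPL-3.0-only"}
    current = {**baseline, "net-core": "AGPL-3.0-only", "fmt-x": "Apache-2.0", "mystery": "Custom-1.0"}
    bad = violations(baseline, current, min_risk="high")
    for dep, lic, reason in bad:
        print(f"FAIL {dep} ({lic}): {reason}")
    return 1 if bad else 0  # non-zero exit status fails the pipeline step

if __name__ == "__main__":
    sys.exit(main())
```

Note that `old-gpl` passes because it was already in the baseline: a rule scoped to new dependencies does not clean up existing ones, so those need a separate audit.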

Get compliant today

Get, and stay, license compliant within a few minutes by creating a free Debricked account today!


1 thought on “Achieve Open Source License Compliance through Automation”

  1. Sheriff Manzoor

    Hello,

    Interesting blog, I am curious to know if the license rules can be set with respect to context such as integration type of OSS licensed components. Is there also provision to add license clause related rules?

    Best Regards
    Sheriff Manzoor
