Configuring Default Policy Rules
When FOSSA encounters licenses that have not been categorized, you have the option to configure policies that determine the default course of action. This ensures that uncategorized licenses are handled in a consistent and appropriate manner in line with your organization’s compliance requirements.
To set the default behavior, simply click the Make Default check button, which is located in the header of each defined license category. This will ensure that any uncategorized licenses are automatically assigned the selected classification, helping to streamline your policy enforcement and maintain clarity in your compliance processes.

There are three primary categorization options: Deny, Flag for Review and Approve. Any remaining licenses that have not been explicitly assigned to one of these categories are grouped as Uncategorized.
Uncategorized
When a new policy is created, this is the default categorization. Choosing “Uncategorized” leaves the license in an unknown state and does not take any action.
Deny
Selecting Deny as the default licensing option will generate a Policy Conflict issue whenever an uncategorized license is detected.
Flag for Review
Selecting Flag for Review as the default licensing option will generate a Policy Flag issue whenever an uncategorized license is detected. This allows for manual evaluation of the license before any further decision is made regarding its approval or rejection.
Approve
Selecting Approve as the default licensing option will explicitly approve any uncategorized licenses that do not trigger other policy-related issues, allowing them to pass through without intervention.
By carefully selecting the appropriate default categorization, you can ensure that FOSSA manages uncategorized licenses in a manner that best aligns with your organization’s compliance and risk management strategy.
False Positive Warning
Configuring a default policy rule on large projects can lead to a lot of false positives when scanning for issues.