Documentation
OPEN FOSSA APP

Global License Corrections

Suggest Edits

Enabling Global License Corrections

In order to enable global license corrections (GLC) you will need to ensure within your helm chart the enabledFeatureFlags section has the flag globalLicenseCorrections for your desired org Id

Using Global License Corrections

In order to begin using GLC you will need to navigate to the Admin Dashboard and scroll to Update Licenses

Component Locator

In order to start using GLC you will begin by supplying a component locator. Locators are how we uniquely identify a package.

A locator will consistent of three components <fetcher>+<package_spec>$<rev_spec>

Finding component Locators

There are two easy ways to find component locators within FOSSA.

In the UI

If your organization has the Packages product enabled you can simply search for any package and find the locator below the packages name

An alternative method is to leverage an API response. If you navigate to your desired Project > Dependencies > open your network tab > Look for a endpoint named dependencies?include_ignored=true&limit=750&offset=0. Within this response you will find a list of component locators for all dependencies in that project

Fetcher Anatomy:

npm+react$16.2.0
| | |
| | package spec
| | rev spec
|_ fetcher

Since Global license corrections are applied to all component revisions (versions) a rev_spec is not necessary. After supplying a locator you will see a list of detected licenses and their associated file matches.

Continuing our example above we see there is a MIT license detected in npm+react$16.2.0 with matches

Editing a license detection

By selecting the X icon next to either a file match or the license name a user may remove the file match or associated license as a whole from the component

❗️

IMPORTANT

As stated above this will impact the detected licenses for all revisions (versions) of a component regardless of which revision(version) is currently displayed

Adding a license

A user may add a net new license to the component by selecting the Add License button at the bottom left corner.

The user will be prompted to search for an existing license or add a custom license by searching custom-license

After selecting your desired new license, adding any applicable raw license text & copyright headers you can finish by selecting Add

Reverting Global License Corrections

Any change you have whether that is adding a new license, removing file matches, or removing an existing license can easily be reverted.

Replacing the X icon you will notice is an ability to Revert this override

Updated about 1 year ago