Logo Sonatype CLM Sonatype CLM Server - Policy Management Guide
Documentation Index
Sonatype CLM Downloads
Document Descriptions
Release Notes

Sonatype CLM Server
Installation and Deployment Guide
Security Administration Guide
Policy Management Guide
Report User Guide

CI User Guide

IDE User Guide

Repository Manager User Guide

Nine Steps For Open Source Governance
Optimized Component Lifecycle Management with Sonatype CLM

Sonatype CLM Server - Policy Management Guide

7.5. Creating a License Threat Group

An important aspect of license threat groups is that each one also has a threat level, just like policy (from zero signifying no threat all the way up to 10). Unless you have specific legal recommendation / council, the default license threat groups will suffice, especially in the beginning. However, they can be edited. In fact, entirely new ones can be created altogether. Let’s use that premise, and create a new license threat group, Banned Licenses. When creating the license threat group, keep in mind that they will be inherited from the organization to all associated applications.

  1. Log in to the Sonatype CLM Server (by default this is available at http://localhost:8070) using a user account with at least Owner-level permissions for the organization or application (a member of the Owner Group).
  2. Click on the Organizations (or Applications) link, and then click on the organization (or application) you want to add the label in.
  3. Click the Licenses tab, and then the New License Threat Group button.
  4. Enter Banned Licenses for the name, and pick a threat level

  5. Add the following licenses from the Available Licenses to the Applied Licenses list by clicking on them in the list on the right

    1. AGPL-3.0
    2. AGPL
  6. When everything is done you screen should look like Figure 7.2, “Creating a Condition Evaluating a Label” and you can click the Save button to finish.
figs/web/clm-server-license-threat-group-create.png

Figure 7.3. Creating a License Threat Group