Logo Sonatype CLM Sonatype CLM Server - Application Composition Report
Documentation Index
Sonatype CLM Downloads
Release Notes
Document Descriptions and PDFs
Upgrade Instructions
Requirements

Sonatype CLM Server
Installation and Configuration
Security Administration
Policy Management
Dashboard
Application Composition Report
REST APIs

Sonatype CLM for...
Bamboo
CLI
Hudson and Jenkins
IDE
Maven
Nexus
SonarQube

The CLM Book (All Guides)
Optimized Component Lifecycle Management with Sonatype CLM

Sonatype CLM Server - Application Composition Report

4.2. License Analysis

The component list on the License Analysis tab is more similar to the list on the Policy tab, because it is a list of all components, not just those that have a license issue.

The list itself includes columns for License Threat, Component, and Status of the license issue. Clicking on the column provides sorting, while specific items can be searched using the field just below the column heading.

License Threat

The list of components is ordered by license threat which is based on the threats assigned to the license threat groups. Though a single component may actually have several licenses, license threat will only show the highest threat. This threat, as we mentioned earlier, is based on four default categories, which correspond to four default license threat groups of the same name.

  • Critical
  • Severe
  • Moderate
  • No Threat
Status
License status, like status for security vulnerabilities, allows you to track the process for license related research. In addition it provides a way to override a license in situation where you believe the license to be incorrect, or there is an option to choose a specific license. We’ll discuss that process a little bit further down.