License Risk Management

When working with open source, it is crucial to ensure and maintain open source compliance, also from a commercial perspective. To help with that, Debricked provides you with a comprehensive overview of all licenses in the repositories you have integrated with us. You can find that information in different areas of the tool.

See all licenses

After clicking on Licenses in the left side menu, you will be presented with a list of all your licenses in alphabetical order. Besides the name of the licenses, we provide you with the following information:

• License Risk - the grade of potential compliance risks involved with the specific license, assessed based on the use case chosen for the repository

• Dependencies - the number of dependencies affected by the license

• License family - which family the license belongs to

See all repositories affected by the license

When clicking on a specific license, you enter a different view where all repositories with the specific license are displayed. Here, you can also see the risk associated with the license within all affected repositories, as well as how many dependencies per repository are affected.

After clicking on a specific repository, the above-mentioned information can also be found in the Licences tab.

License review/override

As a Repository/Company Admin (Enterprise), you can review and manually override the license found by Debricked on a dependency level.

To do so:

1. From a repository page, go to the License tab. Here you can see a list of all licenses detected in the repository.

2. Click on Review. Here you can find a list of all licenses detected and can override the data.

Depending on your needs, you can:

• delete the license by clicking the trashcan icon

• change the detected license, by clicking on Change license and selecting a new one from the dropdown menu

• add license(s) by clicking the + button for multi-licensing.