Open Source package License Compliance

Bridgecrew policy ID: BC_LIC_1
Severity: MEDIUM

Non-compliant license type has been found on your open source packages

Description

Open source software licenses govern how others – besides the originator – can use, modify, or distribute software code. They grant other users the permission and rights to use or repurpose the code for new applications or to include the code in other projects.

Selecting an open source license type depends largely on the intention of the licensor or developer for use of the software. Many licenses are considered restrictive because they have language requiring copyleft contributions or restricting the commercial use of the software.

Our out-of-the-box policy considers all approved OSI licenses as compliant (http://opensource.org/licenses/alphabetical) and alerts users when a package is used that contains a license that is not considered approved.