This guide will show you how to edit the License Risk Policy in Kiuwan Insights. 

Content


Licenses Policies Management

As explained in Insights Licenses > LicenseRisk there's a default policy to assign a License Risk to licenses found during Insights analysis.

The default License Risk Policy works as follows :
  • High is associated with Copyleft, Copyrighted, and Proprietary
  • None is associated with PublicDomain, Permissive, and WeakCopyleft
  • Unknown is associated with licenses without a License Type.

This default policy is quite conservative. It raises an alert when some license might have a legal implication. But, depending on the specific case, the alert might not apply to your organization or you don't need to be alerted about certain licenses. 

In these cases, Kiuwan Insights' Licenses Policies lets you change the License Risk of any License to suit your specific needs.

Required Permissions

Permissions

To make changes to License Policies, only users granted with Application Management permission are allowed to access Policies Management modules.

Scope of Changes

Custom changes to the level of License Risk of a License can be applied to several scopes

Changes to the level of Risk of a License

Scope

Precedence

Meaning

Global

1

Change to the license is global, i.e. it applies to all components of all the apps that are using that license.

The change applies to current components as well as new components discovered in future analyses.

Application

2

Change to the license applies to all components of the selected app that are using that license.

The change applies to current components as well as new components discovered in future analyses.

Components belonging to other app using this license remain unchanged

Component

3

Change to the license applies to the selected component, regardless of the app using the component

App-Comp

4

Change to the license applies to the selected component in the selected app.

Selected components using this license belonging to other app remain unchanged.

 The precedence column means the applicability in case of conflicts, being applied the case with higher precedence value.

For example, we could have configured:

  • License L is High for application A (application scope: 2)
  • License L is Medium for component C (component scope: 3)

What will be the level for component C in application A? Precedence 3>2, L will be Medium for C in A.

Changes are retroactive

Changes to Licenses are applied retroactively, i.e. changes will be applied not only to future analyses but also to past analyses

How to change Licenses Policies

Changes to Licenses Risks can be done on several pages:

ScopeKiuwan Insights Page
Global and/or Application
  • Licenses >> Licenses Policies >> By License
  • Licenses (selecting a licensing row and opening the license menu)
  • Insights Management (admin menu)
Component and/or App-Comp
  • Licenses >> Licenses Policies >> By Component
  • Licenses (selecting a licensing row, opening the component row and clicking on the component menu)
  • Insights Management (admin menu)

Global Licenses Administration

Kiuwan Insights enables you to globally administer the licenses found within your Kiuwan account.

You can access the Global License Admin by selecting Licenses Policies at the License tab's hamburger menu.


Licenses Policies allow you to make changes based on Licenses and/or Components

By License

When By License is selected, the full list of Licenses used by your application's components is displayed.

Click Modify to open the Modify License Policy dialog.

Global scope

  • By selecting the Custom Global Risk dropdown list at the License level, you will change it to the Global scope.

Application scope

  • Additionally, by selecting the Custom Risk dropdown list of an application, you will change it to the Application scope.

See Scope of Changes for an explanation of scopes.

By Component

When By Component tab is selected, the full list of Components used by your application is displayed

Click Modify to open the Modify License Policy dialog.

Component scope

  • By selecting the Custom Global Risk dropdown list at the Component level, you will change it to Component scope.

Application scope

  • Additionally, by selecting the Custom Risk dropdown list of an application, you will change it to the App-Comp scope.

See Scope of Changes for an explanation of scopes.

Licenses page

You can modify the License Risk of any license/component from the License tab.

By License

Just click on the dropdown menu at the right of a specific License and select  Modify Policy.

Clicking on Modify Policy will open Modify License Policy dialog

Then, you can decide either to change the level to a Global or Application scope

See Scope of Changes for an explanation of scopes.

By Component

If you want to modify the License Risk level of a specific Component, open the License row and select Modify License option of the selected component.

Click Modify Policy to open the Modify License Policy dialog for the selected component

Then, you can decide either change the level at a Component (Global value)  or App-Comp (Application value) scope

See Scope of Changes for an explanation of scopes.

Insights Management

Open the drop-down menu on the upper right and select Insights Management. 

The following page will open: 

Please follow the instructions in the previous paragraphs to modify the license policy. 


  • No labels