License Policy Plugin
This plugin allows the user to apply policy details to a scancode scan, depending on which
licenses are detected in a particular file. If a license specified in the Policy file is
detected by scancode, this plugin will apply that policy information to the Resource as a new
attribute: license_policy
.
Policy File Specification
The Policy file is a YAML (.yml
) document with the following structure:
license_policies:
- license_key: mit
label: Approved License
color_code: '#00800'
icon: icon-ok-circle
- license_key: agpl-3.0
label: Approved License
color_code: '#008000'
icon: icon-ok-circle
- license_key: broadcom-commercial
label: Restricted License
color_code: '#FFcc33'
icon: icon-warning-sign
The only required key is license_key
, which represents the ScanCode license key to match
against the detected licenses in the scan results.
In the above example, a descriptive label is added along with a color code and CSS id
name
for potential visual display.
Using the Plugin
To apply License Policies during a ScanCode scan, specify the --license-policy
option.
For example, use the following command to run a File Info and License scan on
/path/to/codebase/
, using a License Policy file found at ~/path/to/policy-file.yml
:
$ scancode -clipeu /path/to/codebase/ --license-policy ~/path/to/policy-file.yml --json-pp
~/path/to/scan-output.json
Example Output
Here is an example of the ScanCode output after running --license-policy
:
{
"path": "samples/zlib/deflate.c",
"type": "file",
"detected_license_expression": "zlib",
"detected_license_expression_spdx": "Zlib",
"license_detections": [
{
"license-expression": "zlib",
...
...
...
}
],
"license_policy": {
"license_key": "zlib",
"label": "Approved License",
"color_code": "#00800",
"icon": "icon-ok-circle"
},
"scan_errors": []
}