License Scan

License scan is an inbuilt feature where, the source code repo and container images are scanned for licenses and any violations that had happened. All the available components and each of their license is scanned to know whether it can be used, is prohibited from using and if there is any violations that had occurred in the components.

The license scan can be viewed in the Security Issues page.

To View the Alerts generated by License Scan

1. Navigate to Security Issues.

2. In the search bar, select Artifact. The Alerts generated in the artifacts are displayed.

3. Now search Tags and select License Scan. The alerts with License scan are displayed.

3. Select the alert for which you want to see the license scan details and click on it. A popup page with the details is displayed.

4. Expand the Show Impacted Components dropdown to view the details of the components that are impacted in the scan.

To View the License Scan Results

The License Scan results can be viewed in the Artifact Security page.

• Navigate to Artifact Security.

• Select the Artifact for which you want to view the License Scan reports.

• Go to View Reports and click on the three dots.

• Navigate to LicenseScan and click on it.

The License scan report is downloaded.