License Priority
You want to understand the priority of licenses in your codebase so you can handle them based on your corporate policies. Code Insight uses a default license priority to highlight which licenses associated with inventory need more attention than others in the inventory review process, helping to define day-one work items.
Each license referenced in the Analysis Workbench and on the Project Inventory tab has one of the following priority values:
|
Priority |
Characteristics |
Icon |
Description |
|
P1 |
Viral/Strong Copyleft |
|
Usually, P1 licenses require immediate attention due to the possibility of tainting proprietary application code, an issue that can have significant business impact. |
|
P2 |
Weak Copyleft/Commercial/Uncommon |
|
The typical P2 license requires legal review and guidance based on corporate policies about the proper use of these types of licenses in your organization. |
|
P3 |
Permissive/Public Domain |
|
In general, P3 licenses are allowed and have minimal impact to an organization as long as license obligations are satisfied. The most common license obligation is properly attributing the use of an open source component to its author. This is the default priority. |
Inventory priority (see Inventory Priority) is a risk metric for the inventory item that takes license priority into account as one of the contributing factors. Inventory priority is set at scan time when the inventory item is created by the system or during inventory review. You can set or override the inventory priority at any time. License priority, on the other hand, is static and never changes. The license priority is supplied by the Electronic Update.
Inventory priority typically defaults to the license priority value unless a critical vulnerability exists or you manually override the inventory priority value (as described in Inventory Priority).
Note:Code Insight REST APIs that reference the license entity, such as the Component Lookup API, include the license priority in the API response body.
Viewing the License Priority
You can view the license priority from the License Details window associated with the license. See License Details from the Code Insight Data Library for details on accessing this window.
