Skip to main content
Skip table of contents

Legacy Mend UI - Effective Licensing

Introduction

The purpose of this article is to review and demonstrate how to choose a specific license type when multiple types are associated with an open source library.

Mend provides detailed license information for each detected library including a risk scoring metric based on legal analysis.

Information is provided on an as-is basis, please consult your legal advisor.

Selecting a Single License

Occasionally there are open source libraries with multiple license types associated with them. Mend will alert you when multiple license types are available as well as report to you the effective license type chosen by your team.

From the main dashboard there is an alert to show you libraries with multiple license types:

Clicking on the Multiple Licenses number will take you to the License & Compliance Alert where you can then select a specific library.

The license types for the selected library are shown in the License section of the General Info tab, click on each license name hyperlink to see the relevant license details.

Choosing a License Type

Permissive licenses allow you to use the code without restriction. You do not have to republish any changes you make and you are not required to make your application or codebase available to others. Example permissive license types include MIT, Apache 2.0 and BSD.

Copyleft licenses require you to make your code publicly available. If you have a single open source dependency that has a copyleft license in your application you must open up your code for others. Copyleft license types include GPL (GPL v2 and GPLv3), AGPL, LGPL and Mozilla Public License 2.0.

After reviewing the license details you can then make a choice as to which license type is applicable in your situation. Click the Override button, click the remove option for any license type you do NOT want to associate with this library and then click Ok. The remaining license type will be shown in the License section for this library. This choice will apply to all instances of this library across your organization.

Effective License Report

To see a listing of all libraries with multiple license types where a specific type has been chosen (Effective Licenses) choose Reports > Effective Licenses. You can then view from the organizational level or within a specific Product. The Effective License is shown as well as the Original Licenses:

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.