Libraries matched by "Exact Match" are missing License or Copyright Information
While checking the inventory report, we often come across ‘Exact Match’ libraries that are also in the ‘Requires Review’ status because the associated license information is missing.
It's important to know that it’s not unusual to have an ‘Exact Match’ for a library that has no license information.
The role of the ‘Exact Match’ label is not to indicate whether a library’s associated information is known or unknown to WhiteSource.
This label only means that the application populated the library in the inventory based on its SHA1 (because, inside the application, a SHA1 match is considered an ‘Exact’ match).
Therefore, the ‘Exact Match’ label does not determine whether a library should have a known license. The missing license information can have multiple causes:
the library is proprietary, in which case it should be marked as in-house
the library is commercial
the library has a SHA1 that was not found in our database
In this case, whether or not the library is an ‘Exact Match’, you should require a license review to be performed for that library.