Open source license compliance
Open source license compliance
DevOps Intelligence offers several license report graphs for a deeper comprehension of your open source license compliance.
More and more companies are choosing open source tools as part of a standard library composing the tool stack. The downside is that many of these tools while inexpensive or complementary, still require a license. Whether open source or proprietary, licenses must be maintained. a license violation is a violation regardless of whether the tool is open source. Managing that locense library is therefore a critical element of your developer operations.
DevOps Intelligence provides observability of the state of your open source license compliance
Open Source License compliance
Selecting Open source license compliance opens the Open Source License Compliance dashboard displaying a set of graphs that monitor open-source licenses statuses, and an export feature that allows a customized report file download, as follows:
ll open-source code must be regulated. The primary function of this dashboard is to track of all licenses being used by each applications and to understand which are authorized and which are not.
Display Filters
The dashboard is equipped with two filters to tailor data presentation to specific requirements:
- Global Filter:Filter by application and duration (time span in days from selected origin to present) for example, the past 30 days. DefaultAll.
- Release Filter:Filter by a specific release such as 8/27/2025. DefaultAll.
The two filters work in concert to limit presented data to the selected application AND duration AND Release. If both are set to the default
All
all data is presented. However, if for example, you filter on my_application
(global filter) and release July 23, 2025
(release filter), the dashboard will present only data for my_application
at release July 23, 2025
.License Detected
The License Detected graph represents the total number of licenses detected according to the day-month timeline selection. Severities in this widget are classified according to their criticality:
- Allowed: Green color.
- Denied: Red color.
- Uncategorized: Dark red color.
- Need approval: Yellow color.
Graph data supports selecting predetermined Applications and Dashboards from the Drop-down menu. By default, it is for all applications and all technical services and, it represents the data for the last 7 days.
The License Detected widget presents two axis that indicates the
Total License Detected
within a specified period: - X-Axis (Duration): The X-axis corresponds to the month in which the bar graph data is shown. Depending on the time you select, the bar graph changes in color based on the severity of the licenses detected. By hovering over the graph, the following data is presented for each license severity:
- Group: The severity that the licenses in a given group have.
- Range: The cut-out date for detected licenses.
- Value: Total number of licenses in a particular severity group.
- Y-Axis (Total License Detected: The Y axis corresponds to the total number of licenses found for each severity within a given period. By placing the cursor right above a bar, in alignment with the center of it, the following information is displayed:
- Range: The cut-out date for detected licenses.
- Allowed: Total number of licenses detected in the Allowed category.
- Denied: Total number of licenses detected in the Denied category.
- Uncategorized: Total number of licenses detected in the Uncategorized category.
- Need approval: Total number of licenses detected in the Need Approval category.
- Total Licenses: The total number of licenses from all categories.
License by Severity
The License by Severity widget graph represents the total number of aggregated licenses detected according to day-month timeline selection. Severities are classified into two categories:
Critical
and Info
. Graph data supports selecting predetermined Applications and Dashboards from the Drop-down menu. By default, it is for all applications, all teams, and for default organizations. By default, it represents the data for the last 7 days.
The License by severity widget presents two axis that indicates the
Total License Detected
within a specified period:- X-Axis (Duration): The X-axis corresponds to the month in which the bar graph data is shown. Depending on the time you select, the bar graph changes in color based on the severity of the licenses detected. By hovering over the graph, the following data is presented for each license severity:
- Group: The severity that the licenses in a given group have.
- Range: The cut-out date for detected licenses.
- Value: Total number of licenses in a particular severity group.
- Y-Axis (Total License Detected): The Y-axis corresponds to the total number of licenses found for each severity within a given period. By placing the cursor right above a bar, in alignment with the center of it, the following information is displayed:
- Range: The cut-out date for detected licenses.
- Critical: Total number of licenses detected and classified as Critical severity.
- Info: Total number of licenses detected and classified as Info severity.
- Total: The total number of licenses from all severities.
Export license compliance details
Export license compliance details allow you to download a report file based on
Technical services
and License status
, multiple selections are enabled on both options, to download a license report complete the following procedure: - SelectSearch Technical servicesand choose one or more technical services.
- SelectSearch Licence Typeand choose one or more license statuses.
- SelectExport to CSVand a dialog will prompt you to save or open the CSV file.
License Compliance Details table
The License Compliance Details Table View is a table that provides technical service Security data in a tabular form and enables a detailed view of each technical service. Each row in the table displays information for a specific technical service, separated by columns of information type:
- Technical service: The name of the micro-technical service within the larger application.
- Application: The name of the application, typically comprising multiple micro-technical services.
- Image Name:The assigned image name.
- Release Name:The name of the release in which the license was activated.
- License detected: Total number of licenses detected for a technical service.
- Denied:The number of licenses that were denied.
- Need Approval:The number of licenses for which approval has not been granted.
- Allowed:The number of licenses that have been granted.
- Uncategorized:The number of licenses for which the license text is not recognized by an open source body.
The Table view supports a sort feature that enables you to toggle between ascending and descending alphanumeric order for all columns except
License detected
and Critical
. The Table View displays all data without regard to filter selection.
To access details for a specific technical service, click the row for that technical service. It also supports detailed views for each technical service, to access details for a specific technical service, click the row for that technical service).
When you click on a technical service from the Table View, a new dialog appears with technical service details. The following elements are displayed in this dialog:
- License: The name of the license for a given technical service.
- Package name: The name of the license directory (package location)
- Package version: The version of the license detected.
- License Status: One of the categories that licenses can fall into.
The Table View provides a clickable arrow below the bottom right corner of the table that enables navigation across pages of data (Page 1 of 3, Page 2 of 3, etc
Toggel: vulnerable services vs. all services
By default, the dashboard shows only services that contain vulnerabilities, which means not all services are displayed. Click the Show All toggle to display all services for selected applictions, regardless of vulernability.
Do you have two minutes for a quick survey?
Take Survey
