I propose a goal that will fail the build if licenses are not following a policy. For example, fail if any licenseConcluded is "NOASSERTION" or "AGPL-1.0-only". Or even check that all licenses are "OSI Approved" as per https://spdx.org/licenses/
I propose a goal that will fail the build if licenses are not following a policy.
For example, fail if any licenseConcluded is "NOASSERTION" or "AGPL-1.0-only".
Or even check that all licenses are "OSI Approved" as per https://spdx.org/licenses/