DevGuard Logo

/Devguard
Group
/devguard-documentation
Repository

Overview
Compliance
Code Risks
Dependency Risks
Dependencies

Only OSI approved licenses

This policy checks if there is no violation against the license allow list.

Control evaluation result

Component "/abab" has no license declared
Component "/acorn" has no license declared
Component "/acorn-walk" has no license declared
Component "/agent-base" has no license declared
Component "/client-only" has no license declared
Component "/data-view-buffer" has no license declared
Component "/data-view-byte-length" has no license declared
Component "/data-view-byte-offset" has no license declared
Component "/devguard-docs" has no license declared
Component "/dlv" has no license declared
Component "/domexception" has no license declared
Component "/framer-motion" has no license declared
Component "/http-proxy-agent" has no license declared
Component "/https-proxy-agent" has no license declared
Component "/inflight" has no license declared
Component "/is64bit" has no license declared
Component "/istanbul-lib-coverage" has no license declared
Component "/istanbul-lib-instrument" has no license declared
Component "/istanbul-lib-report" has no license declared
Component "/istanbul-lib-source-maps" has no license declared
Component "/istanbul-reports" has no license declared
Component "/jest-pnp-resolver" has no license declared
Component "/ljharb-monorepo-symlink-test" has no license declared
Component "/mj-context-menu" has no license declared
Component "/motion-dom" has no license declared
Component "/motion-utils" has no license declared
Component "/mylib" has no license declared
Component "/remark-reading-time" has no license declared
Component "/server-only" has no license declared
Component "@bcoe/v8-coverage" has no license declared
Component "@corex/deepmerge" has no license declared
Component "@edge-runtime/cookies" has no license declared
Component "@edge-runtime/ponyfill" has no license declared
Component "@edge-runtime/primitives" has no license declared
Component "@formatjs/intl-localematcher" has no license declared
Component "@my-scope/package-a" has no license declared
Component "@my-scope/package-b" has no license declared
Component "@napi-rs/simple-git" has no license declared
Component "@napi-rs/simple-git-android-arm-eabi" has no license declared
Component "@napi-rs/simple-git-android-arm64" has no license declared
Component "@napi-rs/simple-git-darwin-arm64" has no license declared
Component "@napi-rs/simple-git-darwin-x64" has no license declared
Component "@napi-rs/simple-git-freebsd-x64" has no license declared
Component "@napi-rs/simple-git-linux-arm-gnueabihf" has no license declared
Component "@napi-rs/simple-git-linux-arm64-gnu" has no license declared
Component "@napi-rs/simple-git-linux-arm64-musl" has no license declared
Component "@napi-rs/simple-git-linux-powerpc64le-gnu" has no license declared
Component "@napi-rs/simple-git-linux-s390x-gnu" has no license declared
Component "@napi-rs/simple-git-linux-x64-gnu" has no license declared
Component "@napi-rs/simple-git-linux-x64-musl" has no license declared
Component "@napi-rs/simple-git-win32-arm64-msvc" has no license declared
Component "@napi-rs/simple-git-win32-x64-msvc" has no license declared
Component "@next/swc-linux-x64-musl" has no license declared
Component "@radix-ui/react-compose-refs" has no license declared
Component "debian/base-files" has no license declared
Component "debian/gcc-12" has no license declared
Component "debian/gcc-12-base" has no license declared
Component "debian/libc6" has no license declared
Component "debian/libgcc-s1" has no license declared
Component "debian/libgomp1" has no license declared
Component "debian/libssl3" has no license declared
Component "debian/libstdc++6" has no license declared
Component "debian/netbase" has no license declared
Component "debian/tzdata" has no license declared

Status

Evaluation result after comparing the policy with the current state of the asset
64 Violations
Update the attestation using the following command
devguard-scanner attest --token <Personal access token> --predicateType "https://cyclonedx.org/bom" <json file>

Create a Personal Access Token

To use the Devguard-Scanner, you need to create a Personal Access Token. You can create such a token by clicking the button below.

Manage your tokens
GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 667098114b5ef45c7830e7aa599604fa65eb818f