Snyk report medium severity for license

Tags: java, snyk

After running the pipeline on a Java project I get some vulnerabilities related to licenses, but I do not understand what the issue is. Below is the report:

 EPL-1.0 license
 Dual license: EPL-1.0, LGPL-2.1

What is the issue? Snyk usually provides info on how to fix it, but in this case it does not.

I tried searching info but nothing helps.

Asked by StefanoSKAL on Oct 21 '25 10:10


1 Answer

Open Source License compliance management is a feature of one of the paid tiers in Snyk. Your scanner now also checks for potential problems with the licenses of the open-source packages you are using.

The reason for this is that the use of some licenses comes with obligations. If I am correct, the EPL license is a copyleft license, which means the software you create with it should also have the EPL license.

Regardless of the license, not being compliant with it can come with legal consequences.

The policies for licenses are fully customisable. Assuming you work in a team (since this is a paid feature), the policy for the EPL license was set for a reason. Maybe connect with your administrator to find out why you should not use EPL-1 licensed components.

Hope this helps.

Answered by Brian on Oct 23 '25 23:10
