Commit

add screenshot showing license compliance MR comment
khorne3 committed Nov 6, 2024
1 parent 26637d1 commit d542d27
Showing 2 changed files with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions docs/semgrep-supply-chain/license-compliance.md
Expand Up @@ -17,8 +17,10 @@ At least one repository that scans for dependencies through Semgrep Supply Chain

Semgrep Supply Chain's **license compliance** feature enables you to explicitly allow or disallow (block) a package's use in your repository based on its license. For example, your company policy may disallow the use of packages with the Creative Commons Attribution-NonCommercial (CC-BY-NC) license.

![Semgrep Supply Chain Dependencies tab with licenses listed](/img/sc-license-configuration.png#md-width)
_**Figure**. Semgrep Supply Chain's License configuration tab with licenses and permissions listed._
Whenever Semgrep determines that a disallowed package has been used, it can notify you of this in a pull request or merge request comment:

![MR comment with license compliance information shown](/img/license-compliance-pr-comment.png#md-width)
_**Figure**. GitLab merge request comment featuring license compliance information._

## Language support

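Review bot: With 4 additions and 2 deletions in this hunk, the two removed lines appear to be the `sc-license-configuration.png` image and its "License configuration tab" caption, which the commit message ("add screenshot ...") does not mention. If dropping that figure is intentional, say so in the message; otherwise keep it and add the new screenshot after it. In the added sentence, "a disallowed package has been used" is looser than the paragraph above, which frames the policy by license; consider "a package with a disallowed license". The sentence also promises "a pull request or merge request comment" while the caption shows only a GitLab merge request, so either note that the figure is one example or align the wording.
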
Binary file added static/img/license-compliance-pr-comment.png