Restrictions made by policies are controlled by you, the user.
If SOOS identifies policy violation(s) in your project, there are three courses of action you can take to resolve them:
- Remove or replace the indicated package with one that is more acceptable. When the package has been removed and the violation is not detected on the next subsequent scan, the violation issue will be moved to the Resolved issue list.
- If the indicated package causing the violation is deemed safe and necessary, suppress the violation with a supporting attestation statement. This will move the violation to the Attested issue list.