Violation Issues
SOOS allows you to create policies or rules around the packages, licenses and CWEs identified through SOOS scans. Once a policy is created, a policy violation warning is generated any time a scan detects something that matches the policy definition.
Governance Policies contains information on the different types of policies that can be created, as well as how to create them.
Policies are a great way to protect against open source issues such as unacceptable licenses, undesirable packages, unacceptable CWEs and more.
Since violations are the result of a policy definition that was deliberately created by someone in your organization, they typically need to be resolved by removing the offending package. Alternatively, you may wish to adjust the policy scope if it should only apply to a subset of projects.