licensingsnyk

Ignore all instances of certain software license


I have a .snyk file with a number of entries like these:

  'snyk:lic:maven:org.clojure:tools.analyzer.jvm:EPL-1.0':
    - '*':
        reason: 'ignore license issue'
        expires: '2100-01-15T00:00:000Z'

  'snyk:lic:maven:org.clojure:tools.analyzer:EPL-1.0':
    - '*':
        reason: 'ignore license issue'
        expires: '2100-01-15T00:00:000Z'

These entries match the first example shown in Snyk's CLI Ignore docs.

Is there a more concise way to ignore all issues for a single license type (EPL-1.0 in this case)?


Solution

  • A bit more context to explain why you need the license ID to apply an ignore from .snyk file

    As of now, there are 3 ways to ignore a license :

    1. Using the .snyk file, which is scoped to the project. It allows you to ignore specific issues
    2. UI ignores (project tab), which is scoped to the project. It allows you to ignore specific issues and is stored in the policies field in the projects tab.
    3. UI policies, which allow you to apply a policy, which will ignore or change the level of severity of a specific license for all your organization or specific project attributes.

    Given this context, there is no option using the .snyk file (1) to ignore a specific license for all your packages without the license ID. Therefore to ignore the license issue for package, you need to find the ID for the license in the output of the snyk test command.

    Suggestion : if you still want to use the method (1) : If you created the .snyk file manually, an easier way to apply multiple ignore quicker would be to use the command snyk ignore https://docs.snyk.io/snyk-cli/commands/ignore#description

    However, depending on your current Snyk Plan, you could easily use method (3) which would allow you to EPL-1.0 for all your org, or projects. To do so please refer to this documentation https://docs.snyk.io/manage-issues/policies/create-and-edit-policies and more specifically https://docs.snyk.io/manage-issues/policies/license-policies/create-a-license-policy-and-rules