rkg-mm

I can add some here, e.g. Google.Api.CommonProtos 2.2.0 Microsoft.ApplicationInsights.Kubernetes 2.0.2 -> both don't resolve but add URL https://aka.ms/deprecateLicenseUrl. in NuGet and Github a license is defined properly it seems

Ok the license detection of the nuget tool seems to be way worse than the npm tools. But I did dig a bit deeper and this seems to be mostly...

@stevespringett Since for us this would be a very helpful feature I can assign a coworker to take care of this improvement in some weeks. Would you help me define...

See https://github.com/DependencyTrack/dependency-track/issues/1539

You mean you have a set of Projects, and other projects use these projects as lets say components? Wouldn't that be more like a dependency from the parent project on...

Not sure if that works, but if you define a package identifier for the sub-projects, then reference those identifiers in the BOM file of the parent project, could that be...

How do you even see that field? I just wanted to report a bug about the license displaying and was looking through open issues, finding this one, which surprises me:...

* The mail proposal could be tackled by my proposal here, might need an option to inform the complete team, which in my opinion is rarely a good idea, but...

Additional request: When we support multi-licensed components, also the Policy Violations should be ensured to support it. E.g. if a component is dual-licensed and one of the license is in...

Running into the same issue: `Unable to locate valid bom ref for Microsoft.Extensions.Configuration.Json [2.1.0, )` Anyone found a solution? edit: downgrading to 2.3.0 works btw