Merge pull request #19593 from dvdksn/scout-policy-copyleft-allowlist

scout policy copyleft allowlist
docker · Mar 11, 2024 · d6de5de · d6de5de
2 parents 222db4c + 66894a3
commit d6de5de
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 12 deletions.
diff --git a/content/scout/policy/_index.md b/content/scout/policy/_index.md
@@ -113,8 +113,9 @@ unsuitable for use in your software because of the restrictions they enforce.
 This policy is unfulfilled if your artifacts contain one or more packages with
 a violating license.
 
-You can configure the list of licenses by creating a custom policy, see
-[Configure policies](./configure.md).
+You can configure the list of licenses that this policy should look out for,
+and add exceptions by specifying an allow-list (in the form of PURLs).
+See [Configure policies](./configure.md).
 
 ### Outdated base images
 

diff --git a/content/scout/policy/configure.md b/content/scout/policy/configure.md
@@ -17,16 +17,7 @@ edit the display name and description of the new policy to help distinguish
 it from the default policy it's based on.
 
 The available configuration parameters for a policy depends on the default
-policy you used as a base for your custom policy. The following table lists the
-default policies that you can configure, and the available configuration
-parameters that you can use to create a custom policy.
-
-| Default policy                            | Configuration parameters |
-| ----------------------------------------- | ------------------------ |
-| All critical vulnerabilities              | Severities               |
-| Copyleft licenses                         | License names            |
-| Fixable critical and high vulnerabilities | Severities, age          |
-| High-profile vulnerabilities              | CVEs                     |
+policy you used as a base for your custom policy.
 
 To configure a policy: