From 8502fd546cff95f74e1c63a2797cfbeca8df98ba Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Mon, 11 Mar 2024 10:39:50 +0100 Subject: [PATCH 1/2] scout: copyleft policy allow-list Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/scout/policy/_index.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/content/scout/policy/_index.md b/content/scout/policy/_index.md index 75cb41028b3..657c77fbb6c 100644 --- a/content/scout/policy/_index.md +++ b/content/scout/policy/_index.md @@ -113,8 +113,9 @@ unsuitable for use in your software because of the restrictions they enforce. This policy is unfulfilled if your artifacts contain one or more packages with a violating license. -You can configure the list of licenses by creating a custom policy, see -[Configure policies](./configure.md). +You can configure the list of licenses that this policy should look out for, +and add exceptions by specifying an allow-list (in the form of PURLs). +See [Configure policies](./configure.md). ### Outdated base images From 66894a386069014649b93da907f0b888a75a105a Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Mon, 11 Mar 2024 10:40:36 +0100 Subject: [PATCH 2/2] scout: remove list of configurable policy params This list was out of date and we now have so many policies that a list like this is no longer helpful. Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/scout/policy/configure.md | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/content/scout/policy/configure.md b/content/scout/policy/configure.md index b98e4f10b83..d4f1e96c6f5 100644 --- a/content/scout/policy/configure.md +++ b/content/scout/policy/configure.md 
@@ -17,16 +17,7 @@ edit the display name and description of the new policy to help distinguish it from the default policy it's based on. The available configuration parameters for a policy depends on the default -policy you used as a base for your custom policy. The following table lists the -default policies that you can configure, and the available configuration -parameters that you can use to create a custom policy. - -| Default policy | Configuration parameters | -| ----------------------------------------- | ------------------------ | -| All critical vulnerabilities | Severities | -| Copyleft licenses | License names | -| Fixable critical and high vulnerabilities | Severities, age | -| High-profile vulnerabilities | CVEs | +policy you used as a base for your custom policy. To configure a policy:
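
Review bot: In the content/scout/policy/_index.md hunk (PATCH 1/2), the added sentence uses "PURLs" without expanding the term or saying what an allow-list entry looks like, so a reader who has not met package URLs cannot tell what to enter as an exception. Suggest spelling it out on first use, for example "an allow-list of package URLs (PURLs)", and stating whether an entry has to match one package version or can cover every version of a package. The closing "See [Configure policies](./configure.md)" now has to carry both the license list and the allow-list, and nothing visible in this series adds the allow-list to configure.md, so please confirm that page describes the field.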
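
Review bot: In the content/scout/policy/configure.md hunk (PATCH 2/2), removing the table leaves "The available configuration parameters for a policy depends on the default policy you used as a base for your custom policy." as the only statement about parameters, with no pointer to where a reader can find out what they are. Suggest adding one sentence that sends readers to the individual policy descriptions in _index.md, where the Copyleft licenses text now mentions its configurable license list and allow-list. Since the paragraph is being rewrapped anyway, the subject-verb agreement can be fixed at the same time: "parameters ... depend", not "depends".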