Exclude internal components from license policy

[bj-k]

Hi

I made a policy to check for licenses which are not in an allowed-licenses license group.
This works. But I also get policy violations for internal components which either have no license or one that's not allowed for third-party components. Is there a good way to exclude them from the license policy?

I configured the internal components in "Administration > Internal Components". They're also marked as internal. But I don't see a possibility to exclude them from the policy.

Excluding them with an additional condition (like PURL does not match package xyz) works for excluding them. But now if I get a policy violation I don't get only one for my policy, I get one for every condition. One of risk type "License" and one of risk type "Operational" regarding the package match.
This for one doubles the amount of policy violations and it also doesn't make sense to have to accept a policy violation because a third-party component doesn't match our internal package namespace.

Any help would be appreciated.

[fupgang]

But now if I get a policy violation I don't get only one for my policy, I get one for every condition

That's the bug described in #2146, work in progress.

[bj-k]

Thanks! I somehow missed that bug.