From 12221d835d5f63c4747f0cbd30e4aac8b78e857c Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Mon, 13 Sep 2021 09:11:26 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 doc/user/compliance/license_compliance/index.md | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'doc/user')

diff --git a/doc/user/compliance/license_compliance/index.md b/doc/user/compliance/license_compliance/index.md
index 566270f3774..7dd0e7241eb 100644
--- a/doc/user/compliance/license_compliance/index.md
+++ b/doc/user/compliance/license_compliance/index.md
@@ -49,6 +49,15 @@ When GitLab detects a **Denied** license, you can view it in the [license list](
 You can view and modify existing policies from the [policies](#policies) tab.
 ![Edit Policy](img/policies_maintainer_edit_v14_2.png)
 
+## License expressions
+
+GitLab has limited support for [composite licenses](https://spdx.github.io/spdx-spec/appendix-IV-SPDX-license-expressions/).
+License compliance can read multiple licenses, but always considers them combined using the `AND` operator. For example,
+if a dependency has two licenses, and one of them is allowed and the other is denied by the project [policy](#policies),
+GitLab evaluates the composite license as _denied_, as this is the safer option.
+The ability to support other license expression operators (like `OR`, `WITH`) is tracked
+in [this epic](https://gitlab.com/groups/gitlab-org/-/epics/6571).
+
 ## Supported languages and package managers
 
 The following languages and package managers are supported.
-- 
cgit v1.2.3