When verifying the Chainloop CLI related SBOMs against the SBOM-banned-licenses, it shows several violations. With a careful review these violations are false positives. These are mostly due to the tool that generates the SBOM, adding additional license information for files like licenses.go, NOTICE.txt etc. There also some cases of dual licenses, for which a permissive license is applicable to Chainloop product.