Skip to content

Support reporting unknown SPDX LicenseRef as their own license #2650

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pombredanne opened this issue Aug 20, 2021 · 1 comment
Open

Support reporting unknown SPDX LicenseRef as their own license #2650

pombredanne opened this issue Aug 20, 2021 · 1 comment
Assignees
@AyanSinhaMahapatra
Labels
new feature

Comments

@pombredanne
Copy link
Member

This is split from #2502 (comment)

In there @soimkim wrote

I also have a similar issue.
I want to print the items marked with SPDX License, but the ScanCode json result is output as follows.

  • Information written to the file:
    # SPDX-License-Identifier: LicenseRef-Sample-Proprietary

  • ScanCode json result :

"licenses": [
        {
          "key": "unknown-spdx",
          "score": 83.33,
          "name": "Unknown SPDX license detected but not recognized",
          "short_name": "unknown SPDX",
          "category": "Unstated License",
          "is_exception": false,
          "owner": "Unspecified",
          "homepage_url": null,
          "text_url": "",
          "reference_url": "https://scancode-licensedb.aboutcode.org/unknown-spdx",
          "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/unknown-spdx.LICENSE",
          "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/unknown-spdx.yml",
          "spdx_license_key": "LicenseRef-scancode-unknown-spdx",
          "spdx_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/unknown-spdx.LICENSE",
          "start_line": 3,
          "end_line": 3,
          "matched_rule": {
            "identifier": "spdx-license-identifier: unknown-spdx",
            "license_expression": "unknown-spdx",
            "licenses": [
              "unknown-spdx"
            ],

Although it is not a license registered in SPDX, is there a way to print the License ID ("Sample-Proprietary" in the example above) if it is written according to the notation of the SPDX License?

If "key" extracted as "unknown-spdx", how about outputting "identifier" in "matched_rule" as License ID written?
@pombredanne pombredanne mentioned this issue Aug 20, 2021
Open
@pombredanne
Copy link
Member Author

@AyanSinhaMahapatra ping.
We need to accommodate for any licenseref from anyone
There a few possible cases:

  1. This is a known, stable ref for which we have as a license

(eventually all such refs would end up there) and we have the ref as SPDX license key

  1. This is not known:
    2.1 We can find the corresponding license text for instance with REUSE conventions
    2.2 Or this is in some SPDX document

We should assign the detected license on the corresponding file or SPDX blurb to this ref.

@AyanSinhaMahapatra AyanSinhaMahapatra self-assigned this Oct 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AyanSinhaMahapatra AyanSinhaMahapatra

Labels
new feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pombredanne @AyanSinhaMahapatra