Open hkong-mitre opened 10 months ago
I thought that there was already a different license for this data... I have documented this here https://github.com/nexB/vulnerablecode/blob/37fdd7dcabc8187e855292d1e681d3852a87cf52/vulnerabilities/importers/nvd.py#L32
It is fine if you switch to a CC0-1.0 license but has this be vouched for by MITRE legal?
See in particular https://www.cve.org/Legal/TermsOfUse
gentle ping
I would love for this to be CC0, but the attribution clause in the terms of use page implies CC BY 4.0 or similar:
Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.
Of course, MITRE could remove this clause.
Adding a license file to the repository