aboutcode-org / scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
https://aboutcode.org/scancode/
2.13k stars 549 forks source link

Recognize the MICROSOFT VISUAL STUDIO ADD-ONs and EXTENSIONS license terms #2955

Open sschuberth opened 2 years ago

sschuberth commented 2 years ago

Short Description

It would be nice it ScanCode would recognize the license at https://www.nuget.org/packages/Microsoft.VisualStudio.Debugger.Contracts/17.2.0/License. Currently, there is not good match for it with an acceptable score, see this result for scanning that text:

{
  "headers": [
    {
      "tool_name": "scancode-toolkit",
      "tool_version": "30.1.0",
      "options": {
        "input": [
          "MICROSOFT SOFTWARE LICENSE TERMS.txt"
        ],
        "--json-pp": "-",
        "--license": true
      },
      "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.",
      "start_timestamp": "2022-05-11T164411.890132",
      "end_timestamp": "2022-05-11T164424.076692",
      "output_format_version": "1.0.0",
      "duration": 12.186588048934937,
      "message": null,
      "errors": [],
      "extra_data": {
        "spdx_license_list_version": "3.14",
        "OUTDATED": "WARNING: Outdated ScanCode Toolkit version! You are using an outdated version of ScanCode Toolkit: 30.1.0 released on: 2021-09-24. A new version is available with important improvements including bug and security fixes, updated license, copyright and package detection, and improved scanning accuracy. Please download and install the latest version of ScanCode. Visit https://github.com/nexB/scancode-toolkit/releases for details.",
        "files_count": 1
      }
    }
  ],
  "files": [
    {
      "path": "MICROSOFT SOFTWARE LICENSE TERMS.txt",
      "type": "file",
      "licenses": [
        {
          "key": "ms-net-library-2019-06",
          "score": 42.02,
          "name": "Microsoft .NET Library License 2019-06",
          "short_name": "MS .NET Library License 2019-06",
          "category": "Proprietary Free",
          "is_exception": false,
          "is_unknown": false,
          "owner": "Microsoft",
          "homepage_url": "https://www.microsoft.com/en-us/web/webpi/eula/net_library_eula_ENU.htm",
          "text_url": "",
          "reference_url": "https://scancode-licensedb.aboutcode.org/ms-net-library-2019-06",
          "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/ms-net-library-2019-06.LICENSE",
          "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/ms-net-library-2019-06.yml",
          "spdx_license_key": "LicenseRef-scancode-ms-net-library-2019-06",
          "spdx_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/ms-net-library-2019-06.LICENSE",
          "start_line": 20,
          "end_line": 44,
          "matched_rule": {
            "identifier": "ms-net-library-2019-06.LICENSE",
            "license_expression": "ms-net-library-2019-06",
            "licenses": [
              "ms-net-library-2019-06"
            ],
            "referenced_filenames": [],
            "is_license_text": true,
            "is_license_notice": false,
            "is_license_reference": false,
            "is_license_tag": false,
            "is_license_intro": false,
            "has_unknown": false,
            "matcher": "3-seq",
            "rule_length": 1397,
            "matched_length": 587,
            "match_coverage": 42.02,
            "rule_relevance": 100
          }
        },
        {
          "key": "ms-visual-studio-2017-tools",
          "score": 21.39,
          "name": "Microsoft Visual Studio 2017 Tools",
          "short_name": "MS Visual Studio 2017 Tools",
          "category": "Commercial",
          "is_exception": false,
          "is_unknown": false,
          "owner": "Microsoft",
          "homepage_url": "https://visualstudio.microsoft.com/license-terms/mlt552233/",
          "text_url": "",
          "reference_url": "https://scancode-licensedb.aboutcode.org/ms-visual-studio-2017-tools",
          "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/ms-visual-studio-2017-tools.LICENSE",
          "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/ms-visual-studio-2017-tools.yml",
          "spdx_license_key": "LicenseRef-scancode-ms-visual-studio-2017-tools",
          "spdx_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/ms-visual-studio-2017-tools.LICENSE",
          "start_line": 45,
          "end_line": 56,
          "matched_rule": {
            "identifier": "ms-visual-studio-2017-tools.LICENSE",
            "license_expression": "ms-visual-studio-2017-tools",
            "licenses": [
              "ms-visual-studio-2017-tools"
            ],
            "referenced_filenames": [],
            "is_license_text": true,
            "is_license_notice": false,
            "is_license_reference": false,
            "is_license_tag": false,
            "is_license_intro": false,
            "has_unknown": false,
            "matcher": "3-seq",
            "rule_length": 1501,
            "matched_length": 321,
            "match_coverage": 21.39,
            "rule_relevance": 100
          }
        }
      ],
      "license_expressions": [
        "ms-net-library-2019-06",
        "ms-visual-studio-2017-tools"
      ],
      "percentage_of_license_text": 71.27,
      "scan_errors": []
    }
  ]
}

Possible Labels

Select Category

pombredanne commented 2 years ago

@sschuberth Thanks.... Let's add these. Any other MSFT licenses that would not be detected correctly? Also FYI using the --license-text option helps better eval the issue by displaying the full text I usually run this: scancode --license --license-text --license-text-diagnostics --yaml - to get a diagnostic displayed on screen in more readable YAML format.

pombredanne commented 2 years ago

A few other:

I am sure there are more of these. We need them all eventually. @DennisClark FYI

sschuberth commented 2 years ago

Any other MSFT licenses that would not be detected correctly?

Thanks for asking. I actually also came across https://www.nuget.org/packages/Microsoft.VisualStudio.Azure.Containers.Tools.Targets/1.15.0/License, but that seems to be reasonably close to ms-visual-studio-2017-tools with a score of 92.74.