:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
Recent scans of pdfbox-2.0.24-sources.jar and pdfbox-2.0.24.jar returned a detection of proprietary-license from files DecodeOptions.java and DecodeOptions$FinalDecodeOptions.class on the string "may not be modified" which triggered the proprietary-license_276.RULE
That detection is much too aggressive, because in the context of the code, it was simply the generation of an error message (possibly when someone/something is trying to change a pdf). Here is one case in the code:
throw new UnsupportedOperationException(“This instance may not be modified.“)
I am not exactly sure what the approach should be to address this, but I think it generally means that finding "may not be modified" probably means proprietary only in the context of a Notice file or code Comments, but it should not be triggered when that text appears in actual code.
Recent scans of pdfbox-2.0.24-sources.jar and pdfbox-2.0.24.jar returned a detection of proprietary-license from files DecodeOptions.java and DecodeOptions$FinalDecodeOptions.class on the string "may not be modified" which triggered the proprietary-license_276.RULE
That detection is much too aggressive, because in the context of the code, it was simply the generation of an error message (possibly when someone/something is trying to change a pdf). Here is one case in the code:
throw new UnsupportedOperationException(“This instance may not be modified.“)
I am not exactly sure what the approach should be to address this, but I think it generally means that finding "may not be modified" probably means proprietary only in the context of a Notice file or code Comments, but it should not be triggered when that text appears in actual code.