:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
The same would apply to other related Code of conduct and non-usage related legal documents... these are NOT licenses. And even if we use license detection to find them, they should not be reported as a license
We likely should not treat a
generic-cla
as something important. When a package is only used, a CLA is not relevant See for instance: https://github.com/open-telemetry/opentelemetry-swift/blob/main/CONTRIBUTING.mdThe same would apply to other related Code of conduct and non-usage related legal documents... these are NOT licenses. And even if we use license detection to find them, they should not be reported as a license