search

aboutcode-org / scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
https://aboutcode.org/scancode/
2.12k stars 547 forks source link

RFC: Track holder/author names not to ignore in a license #3900

Open pombredanne opened 2 months ago

pombredanne commented 2 months ago

BSD licenses commonly have a non-endorsement clause prohibit to use the holder name. It would be great to:

  1. Have a way to tag the text or text region as being a holder name, either tagging the name explicitly,
  2. And/or, list which are the known holder names in a given rule
AyanSinhaMahapatra commented 1 month ago

These are also valid for other types of license rules which commonly have extra words:

{
          "license_expression": "gpl-2.0",
          "license_expression_spdx": "GPL-2.0-only",
          "matches": [
            {
              "license_expression": "gpl-2.0",
              "spdx_license_expression": "GPL-2.0-only",
              "from_file": "linux-4.19.64/sound/soc/fsl/imx-audmux.c",
              "start_line": 253,
              "end_line": 253,
              "matcher": "2-aho",
              "score": 60.0,
              "matched_length": 3,
              "match_coverage": 100.0,
              "rule_relevance": 60,
              "rule_identifier": "gpl-2.0_kernel_export_symbol_gpl.RULE",
              "rule_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/rules/gpl-2.0_kernel_export_symbol_gpl.RULE",
              "matched_text": "EXPORT_SYMBOL_GPL(imx_audmux_v2_configure_port);",
              "matched_text_diagnostics": "EXPORT_SYMBOL_GPL("
            },
            {
              "license_expression": "gpl-2.0",
              "spdx_license_expression": "GPL-2.0-only",
              "from_file": "linux-4.19.64/sound/soc/fsl/imx-audmux.c",
              "start_line": 253,
              "end_line": 253,
              "matcher": "2-aho",
              "score": 49.0,
              "matched_length": 2,
              "match_coverage": 100.0,
              "rule_relevance": 98,
              "rule_identifier": "gpl-2.0_238.RULE",
              "rule_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/rules/gpl-2.0_238.RULE",
              "matched_text": "EXPORT_SYMBOL_GPL(imx_audmux_v2_configure_port);",
              "matched_text_diagnostics": "GPL([imx]_[audmux]_v2_"
            }
          ],
          "detection_log": [],
          "identifier": "gpl_2_0-7d3ec95b-9379-5f9f-4425-8f76e747c2c0"
        },