search

aboutcode-org / scancode-toolkit

:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
https://aboutcode.org/scancode/
2.14k stars 552 forks source link

MIT licensed FreeRTOS is Detected as GPL-2.0-or-later WITH freertos-exception-2.0 #3956

Open JustinWonjaePark opened 1 month ago

JustinWonjaePark commented 1 month ago

Description

A lot of scanning output FreeRTOS v10.0.0 contains "GPL-2.0-or-later WITH freertos-exception-2.0" When you look into the files, you can find MIT License text with some FreeRTOS name and url appearing. Example : https://github.com/FreeRTOS/FreeRTOS-Kernel/blob/V10.0.0/FreeRTOS/Source/list.c

How To Reproduce

Scan FreeRTOS v10.0.0 https://github.com/FreeRTOS/FreeRTOS-Kernel/tree/V10.0.0 Or, you can just scan /FreeRTOS/Source directory to simply reproduce.

The command I ran is: scancode scancode -clip --json-pp - > scan.json ../../FreeRTOS-Kernel-10.0.0/FreeRTOS/Source

Result : scan.json

System configuration

For bug reports, it really helps us to know:

DennisClark commented 1 month ago

The license text at https://github.com/FreeRTOS/FreeRTOS-Kernel/blob/V10.0.0/FreeRTOS/Source/list.c is a slight variation on the standard MIT license and contains this unique text: "If you wish to use our Amazon FreeRTOS name, please do so in a fair use way that does not cause confusion."

New license freertos-mit added to DejaCode. Permissive. @AyanSinhaMahapatra please synchronize and thanks in advance! We should definitely be detecting this new license rather than the exception when we encounter this text.