search

aboutcode-org / scancode.io

ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
https://scancodeio.readthedocs.io
Apache License 2.0
106 stars 83 forks source link

Incorrect summary #1356

Open pombredanne opened 1 month ago

pombredanne commented 1 month ago

I ran a scan_single_package for https://files.pythonhosted.org/packages/29/8a/f4cf3f32bc554f9260b645ea1151449ac13525796d3d1a42076d75945d8d/Pillow-9.5.0-cp312-cp312-win_amd64.whl and the summary is weird: summary-2024-08-07-14-20-19.json The clarity score does not take into account the declared license, even though we have one Screenshot 2024-08-07 at 16-48-44 ScanCode io 816fb3bf3e f95201a764 ce71b4612d

{
  "declared_license_expression": "historical",
  "license_clarity_score": {
    "score": 0,
    "declared_license": false,
    "identification_precision": false,
    "has_license_text": false,
    "declared_copyrights": false,
    "conflicting_license_categories": true,
    "ambiguous_compound_licensing": true
  },
  "declared_holder": "",
  "primary_language": "Python",
  "other_license_expressions": [
    {
.....
tdruez commented 1 month ago

Similar to https://github.com/nexB/scancode.io/issues/1355#issuecomment-2275007822

The "License clarity" and "Scan summary" panels display information as provided by the toolkit --license --classify --summary options.

@pombredanne This issue is probably more relevant in https://github.com/nexB/scancode-toolkit