openSUSE / cavil

The legal review and SBOM system used by SUSE and openSUSE
GNU General Public License v2.0

Inconsistent risk assessments #83

Open kraih opened 1 year ago

kraih commented 1 year ago

Some named licenses have multiple conflicting risk assessments for various patterns:

Apache-1.1: 3, 4
Apache-2.0: 2, 1, 3
Apache-2.0 AND CC-BY-SA-4.0: 3, 2
Apache-2.0 OR Artistic-2.0: 3, 2
Apache-2.0 OR BSD-3-Clause: 2, 1
Apache-2.0 OR GPL-2.0: 3, 2
Apache-2.0 OR GPL-2.0+: 3, 2
Apache-2.0 OR MIT: 3, 1
Apache-2.0 WITH LLVM-exception: 3, 2
...

This needs to be cleaned up once we have gotten a normalised list back from the lawyers. And perhaps it would be a good idea to dedicate a new CLI command to license pattern maintenance.

Be aware: Cases like Any Proprietary: 5, 3, 1, 4 need to have patterns with different risk assessments, since they don't represent one specific named license.
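The consistency check the issue asks for, as an added example that is not Cavil's own code: patterns are grouped by their named license, specific licenses with more than one risk level are reported, and generic names such as "Any Proprietary" are exempt. The pattern tuples, the `is_generic` rule and the `normalise` helper are assumptions made for the example.

```python
from collections import defaultdict

# Constructed sample of license patterns as (named license, risk level);
# it mirrors a few of the conflicts listed in the issue, not real Cavil data.
SAMPLE_PATTERNS = [
    ("Apache-1.1", 3), ("Apache-1.1", 4),
    ("Apache-2.0", 2), ("Apache-2.0", 1), ("Apache-2.0", 3),
    ("Apache-2.0 OR MIT", 3), ("Apache-2.0 OR MIT", 1),
    ("MIT", 2), ("MIT", 2),
    ("Any Proprietary", 5), ("Any Proprietary", 3),
    ("Any Proprietary", 1), ("Any Proprietary", 4),
]


def is_generic(license_name):
    """Assumed rule: names starting with 'Any ' do not denote one specific
    license, so their patterns may legitimately carry different risks."""
    return license_name.startswith("Any ")


def find_inconsistent_risks(patterns):
    """Return {license: sorted risk levels} for every specific named license
    whose patterns disagree on the risk assessment."""
    risks = defaultdict(set)
    for name, risk in patterns:
        risks[name].add(risk)
    return {name: sorted(levels) for name, levels in risks.items()
            if len(levels) > 1 and not is_generic(name)}


def format_report(conflicts):
    """Render conflicts in the 'License: 3, 4' form used in the issue."""
    return [f"{name}: {', '.join(str(r) for r in levels)}"
            for name, levels in sorted(conflicts.items())]


def normalise(patterns, agreed_risk):
    """Rewrite each pattern of a specific named license to the agreed risk
    (e.g. the lawyers' normalised list); generic names are left as they are.
    Licenses missing from agreed_risk keep their current value."""
    result = []
    for name, risk in patterns:
        if not is_generic(name) and name in agreed_risk:
            risk = agreed_risk[name]
        result.append((name, risk))
    return result


if __name__ == "__main__":
    for line in format_report(find_inconsistent_risks(SAMPLE_PATTERNS)):
        print(line)
```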