Reporter: Inconsistent reporting behavior when using "--scopes dependencies" during scan

[apfelkraut]

PREREQUISITES

• latest ORT from master (in this case 77eb739e719d65008cf792198c417403950b5b46) using ScanCode 3.0.2 on Arch Linux
• an ORT_USER_HOME that includes all native scan results (= in this case a repeated scan is executed)
• mime-types 2.1.18 source code as sample project according to the Getting Started guide
• assure that the mime-types does not contain any ORT results/output files from previous analysis

SUMMARY

• Use case: generate a NoticeByPackage directly out of the scan results for starting the licensing review/clearing
• When using parameter "--scopes dependencies" for scan, a lot of "ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::" will be shown during reporting. The NOTICE_BY_PACKAGE will miss the license text for the referenced packages.
• When omitting the scope parameter during scan, only one error is shown during reporting. The NOTICE_BY_PACKAGE will include the license text.

STEPS TO REPRODUCE

1. Run the analysis: cli/build/install/ort/bin/ort --debug analyze -i [mime-types-path]/ -o [mime-types-path]/ort --allow-dynamic-versions
2. Variant A - Scan project limited to depedencies: cli/build/install/ort/bin/ort --debug scan -i [mime-types-path]/ort/analyzer-result.yml -o [mime-types-path]/ort --scopes dependencies
3. Variant A - Report "dependencies" scope: cli/build/install/ort/bin/ort --debug report -f NoticeByPackage -i [mime-types-path]/ort/scan-result.yml -o [mime-types-path]/ort
4. Variant B - Scan full project: cli/build/install/ort/bin/ort --debug scan -i [mime-types-path]/ort/analyzer-result.yml -o [mime-types-path]/ort_full
5. Variant B - Report full project scope: cli/build/install/ort/bin/ort --debug report -f NoticeByPackage -i [mime-types-path]/ort_full/scan-result.yml -o [mime-types-path]/ort_full

CURRENT BEHAVIOR Variant A:

• Reporting "dependencies" scope will cause 209 error on various packages (see below)
• The NOTICE_BY_PACKAGE will contain nearly no license text. E.g. for "Package: abbrev:1.0.9".

Variant B:

• Reporting full scope will cause 1 error on NPM::jsonify:0.0.0 (see below)
• The NOTICE_BY_PACKAGE will contain all license text. E.g. for "Package: abbrev:1.0.9".

EXPECTED BEHAVIOR

• Limited scope must decrease the number of errors during reporting compared to full scope as less libraries are included that can cause errors.
• A library's license text that is successfully reported/included after full scope scan must also be present if library is included in limited scope.

REPORTED ERRORS Variant A:

19:48:20.275 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::abbrev:1.0.9.
19:48:20.275 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::acorn-jsx:3.0.1.
19:48:20.275 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::acorn:3.3.0.
19:48:20.275 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::acorn:5.7.3.
19:48:20.276 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ajv-keywords:1.5.1.
19:48:20.276 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ajv:4.11.8.
19:48:20.276 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::amdefine:1.0.1.
19:48:20.276 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ansi-escapes:1.4.0.
19:48:20.276 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ansi-regex:2.1.1.
19:48:20.277 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ansi-regex:3.0.0.
19:48:20.277 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ansi-styles:2.2.1.
19:48:20.277 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::argparse:1.0.10.
19:48:20.277 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::async:1.5.2.
19:48:20.277 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::babel-code-frame:6.26.0.
19:48:20.278 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::balanced-match:1.0.0.
19:48:20.278 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::brace-expansion:1.1.11.
19:48:20.278 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::buffer-from:1.1.1.
19:48:20.278 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::builtin-modules:1.1.1.
19:48:20.278 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::caller-path:0.1.0.
19:48:20.279 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::callsites:0.2.0.
19:48:20.279 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::chalk:1.1.3.
19:48:20.279 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::circular-json:0.3.3.
19:48:20.279 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::cli-cursor:1.0.2.
19:48:20.279 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::cli-width:2.2.0.
19:48:20.280 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::co:4.6.0.
19:48:20.280 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::code-point-at:1.1.0.
19:48:20.280 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::commander:0.6.1.
19:48:20.280 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::commander:2.20.3.
19:48:20.280 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::commander:2.3.0.
19:48:20.280 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::concat-map:0.0.1.
19:48:20.281 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::concat-stream:1.6.2.
19:48:20.281 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::contains-path:0.1.0.
19:48:20.281 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::core-util-is:1.0.2.
19:48:20.281 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::d:1.0.1.
19:48:20.281 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::debug:2.0.0.
19:48:20.281 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::debug:2.6.9.
19:48:20.282 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::deep-is:0.1.3.
19:48:20.282 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::diff:1.0.8.
19:48:20.282 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::doctrine:1.5.0.
19:48:20.282 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::doctrine:2.1.0.
19:48:20.282 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::error-ex:1.3.2.
19:48:20.283 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::es5-ext:0.10.53.
19:48:20.283 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::es6-iterator:2.0.3.
19:48:20.283 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::es6-map:0.1.5.
19:48:20.283 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::es6-set:0.1.5.
19:48:20.283 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::es6-symbol:3.1.1.
19:48:20.283 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::es6-symbol:3.1.3.
19:48:20.284 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::es6-weak-map:2.0.3.
19:48:20.284 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::escape-string-regexp:1.0.2.
19:48:20.284 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::escape-string-regexp:1.0.5.
19:48:20.284 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::escodegen:1.8.1.
19:48:20.284 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::escope:3.6.0.
19:48:20.285 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::eslint-config-standard:10.2.1.
19:48:20.285 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::eslint-import-resolver-node:0.3.3.
19:48:20.285 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::eslint-module-utils:2.5.2.
19:48:20.285 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::eslint-plugin-import:2.8.0.
19:48:20.285 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::eslint-plugin-node:5.2.1.
19:48:20.285 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::eslint-plugin-promise:3.6.0.
19:48:20.285 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::eslint-plugin-standard:3.0.1.
19:48:20.286 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::eslint:3.19.0.
19:48:20.286 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::espree:3.5.4.
19:48:20.286 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::esprima:2.7.3.
19:48:20.286 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::esprima:4.0.1.
19:48:20.286 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::esquery:1.1.0.
19:48:20.287 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::esrecurse:4.2.1.
19:48:20.287 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::estraverse:1.9.3.
19:48:20.287 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::estraverse:4.3.0.
19:48:20.287 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::esutils:2.0.3.
19:48:20.287 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::event-emitter:0.3.5.
19:48:20.287 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::exit-hook:1.1.1.
19:48:20.288 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ext:1.4.0.
19:48:20.288 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::fast-levenshtein:2.0.6.
19:48:20.288 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::figures:1.7.0.
19:48:20.288 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::file-entry-cache:2.0.0.
19:48:20.288 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::find-up:2.1.0.
19:48:20.288 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::flat-cache:1.3.4.
19:48:20.289 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::fs.realpath:1.0.0.
19:48:20.289 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::function-bind:1.1.1.
19:48:20.289 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::generate-function:2.3.1.
19:48:20.289 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::generate-object-property:1.2.0.
19:48:20.289 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::glob:3.2.3.
19:48:20.289 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::glob:5.0.15.
19:48:20.290 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::glob:7.1.6.
19:48:20.290 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::globals:9.18.0.
19:48:20.290 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::graceful-fs:2.0.3.
19:48:20.290 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::graceful-fs:4.2.3.
19:48:20.290 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::growl:1.8.1.
19:48:20.290 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::handlebars:4.7.3.
19:48:20.291 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::has-ansi:2.0.0.
19:48:20.291 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::has-flag:1.0.0.
19:48:20.291 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::has:1.0.3.
19:48:20.291 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::hosted-git-info:2.8.5.
19:48:20.291 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ignore:3.3.10.
19:48:20.291 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::imurmurhash:0.1.4.
19:48:20.292 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::inflight:1.0.6.
19:48:20.292 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::inherits:2.0.4.
19:48:20.292 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::inquirer:0.12.0.
19:48:20.292 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::interpret:1.2.0.
19:48:20.292 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::is-arrayish:0.2.1.
19:48:20.292 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::is-fullwidth-code-point:1.0.0.
19:48:20.293 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::is-fullwidth-code-point:2.0.0.
19:48:20.293 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::is-my-ip-valid:1.0.0.
19:48:20.293 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::is-my-json-valid:2.20.0.
19:48:20.293 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::is-property:1.0.2.
19:48:20.293 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::is-resolvable:1.1.0.
19:48:20.293 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::isarray:1.0.0.
19:48:20.293 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::isexe:2.0.0.
19:48:20.294 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::istanbul:0.4.5.
19:48:20.294 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::jade:0.26.3.
19:48:20.294 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::js-tokens:3.0.2.
19:48:20.294 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::js-yaml:3.13.1.
19:48:20.294 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::json-stable-stringify:1.0.1.
19:48:20.294 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::jsonify:0.0.0.
19:48:20.295 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::jsonpointer:4.0.1.
19:48:20.295 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::levn:0.3.0.
19:48:20.295 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::load-json-file:2.0.0.
19:48:20.295 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::locate-path:2.0.0.
19:48:20.295 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::lodash.cond:4.5.2.
19:48:20.295 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::lodash:4.17.15.
19:48:20.295 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::lru-cache:2.7.3.
19:48:20.344 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::minimatch:0.2.14.
19:48:20.344 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::minimatch:3.0.4.
19:48:20.344 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::minimist:0.0.8.
19:48:20.345 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::mkdirp:0.3.0.
19:48:20.345 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::mkdirp:0.5.0.
19:48:20.345 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::mkdirp:0.5.1.
19:48:20.345 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::mocha:1.21.5.
19:48:20.346 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ms:0.6.2.
19:48:20.346 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::ms:2.0.0.
19:48:20.346 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::mute-stream:0.0.5.
19:48:20.346 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::natural-compare:1.4.0.
19:48:20.346 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::neo-async:2.6.1.
19:48:20.347 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::next-tick:1.0.0.
19:48:20.347 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::nopt:3.0.6.
19:48:20.347 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::normalize-package-data:2.5.0.
19:48:20.347 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::number-is-nan:1.0.1.
19:48:20.348 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::object-assign:4.1.1.
19:48:20.348 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::once:1.4.0.
19:48:20.348 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::onetime:1.1.0.
19:48:20.348 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::optimist:0.6.1.
19:48:20.349 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::optionator:0.8.3.
19:48:20.349 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::os-homedir:1.0.2.
19:48:20.349 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::p-limit:1.3.0.
19:48:20.349 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::p-locate:2.0.0.
19:48:20.350 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::p-try:1.0.0.
19:48:20.350 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::parse-json:2.2.0.
19:48:20.350 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::path-exists:3.0.0.
19:48:20.350 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::path-is-absolute:1.0.1.
19:48:20.351 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::path-is-inside:1.0.2.
19:48:20.351 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::path-parse:1.0.6.
19:48:20.351 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::path-type:2.0.0.
19:48:20.351 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::pify:2.3.0.
19:48:20.351 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::pkg-dir:2.0.0.
19:48:20.352 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::pluralize:1.2.1.
19:48:20.352 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::prelude-ls:1.1.2.
19:48:20.352 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::process-nextick-args:2.0.1.
19:48:20.352 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::progress:1.1.8.
19:48:20.352 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::read-pkg-up:2.0.0.
19:48:20.353 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::read-pkg:2.0.0.
19:48:20.353 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::readable-stream:2.3.7.
19:48:20.353 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::readline2:1.0.1.
19:48:20.353 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::rechoir:0.6.2.
19:48:20.353 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::require-uncached:1.0.3.
19:48:20.353 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::resolve-from:1.0.1.
19:48:20.354 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::resolve:1.1.7.
19:48:20.354 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::resolve:1.15.1.
19:48:20.354 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::restore-cursor:1.0.1.
19:48:20.354 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::rimraf:2.6.3.
19:48:20.354 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::run-async:0.1.0.
19:48:20.355 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::rx-lite:3.1.2.
19:48:20.355 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::safe-buffer:5.1.2.
19:48:20.355 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::semver:5.3.0.
19:48:20.355 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::semver:5.7.1.
19:48:20.355 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::shelljs:0.7.8.
19:48:20.356 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::sigmund:1.0.1.
19:48:20.356 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::slice-ansi:0.0.4.
19:48:20.356 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::source-map:0.2.0.
19:48:20.356 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::source-map:0.6.1.
19:48:20.357 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::spdx-correct:3.1.0.
19:48:20.357 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::spdx-exceptions:2.2.0.
19:48:20.357 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::spdx-expression-parse:3.0.0.
19:48:20.357 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::spdx-license-ids:3.0.5.
19:48:20.357 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::sprintf-js:1.0.3.
19:48:20.358 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::string-width:1.0.2.
19:48:20.358 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::string-width:2.1.1.
19:48:20.358 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::string_decoder:1.1.1.
19:48:20.358 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::strip-ansi:3.0.1.
19:48:20.359 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::strip-ansi:4.0.0.
19:48:20.359 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::strip-bom:3.0.0.
19:48:20.359 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::strip-json-comments:2.0.1.
19:48:20.359 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::supports-color:2.0.0.
19:48:20.359 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::supports-color:3.2.3.
19:48:20.360 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::table:3.8.3.
19:48:20.360 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::text-table:0.2.0.
19:48:20.360 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::through:2.3.8.
19:48:20.360 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::type-check:0.3.2.
19:48:20.361 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::type:1.2.0.
19:48:20.361 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::type:2.0.0.
19:48:20.361 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::typedarray:0.0.6.
19:48:20.361 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::uglify-js:3.7.7.
19:48:20.361 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::user-home:2.0.0.
19:48:20.361 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::util-deprecate:1.0.2.
19:48:20.361 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::validate-npm-package-license:3.0.4.
19:48:20.362 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::which:1.3.1.
19:48:20.362 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::word-wrap:1.2.3.
19:48:20.362 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::wordwrap:0.0.3.
19:48:20.362 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::wordwrap:1.0.0.
19:48:20.362 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::wrappy:1.0.2.
19:48:20.363 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::write:0.2.1.
19:48:20.363 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::xtend:4.0.2.

Variant B: 19:52:46.108 [main] ERROR com.here.ort.reporter.reporters.NoticeByPackageProcessor - No license information was added for package NPM::jsonify:0.0.0.

[mnonnenmacher]

The problem here is that the --scopes parameter of the scanner got introduced very early when there was no other way of excluding dependencies. The behavior is now inconsistent and the only component uses that parameter is the scanner, while the other components like the evaluator and the reporter looks at excludes instead. I think it would be best to remove the --scopes parameter and replace it with a new --ignore-excluded parameter that disables scanning of excluded dependencies. This would be more consistent with the other tools. @sschuberth What's your opinion on this?

[sschuberth]

I like that idea basically, @mnonnenmacher, esp. if --scopes is currently broken, see #2206. But I'll look at the latter issue anyway to eventually fix it before we remove it, so that if we ever revert to it, we'll revert to a working state.

[sschuberth]

@apfelkraut, the --scopes option for the scanner has now been replaced with a --skip-excluded option, see https://github.com/heremaps/oss-review-toolkit/pull/2271. Does that fulfill your use-case?

[apfelkraut]

Absolutely. Thanks a lot!

Meanwhile and based on your feedback I was mainly working with excluding certain scopes via the project specific .ort.yml file, because in the end I only wanted to see licenses within the NoticeByPackage that are really part of the shippable product.

I think this change allows a considerable reduction in scanning time if one can now excludes those scopes also from being scanned. In a project with no cached scanner results and 500+ dependencies, this means a significant amount of time.