ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0

Unlicense not accepted as FSF or OSI approved #4144

Closed egecetin closed 3 weeks ago

egecetin commented 3 weeks ago

Describe the bug: Even if https://spdx.org/licenses/ clearly describes The Unlicense as an approved license, a repository using Unlicense generates

Warn: project license file does not contain an FSF or OSI license.

and also removes one point from the score. Check the license score for this repo.

Reproduction steps: N/A

Expected behavior: Point should not be deducted/scaled since it is an FSF and OSI approved license.

Additional context: N/A

spencerschrock commented 3 weeks ago

Thanks for the report. This work is already tracked in #4031.

spencerschrock commented 3 weeks ago

Sorry, that wasn't actually the cause. I'm guessing it's related to this block https://github.com/ossf/scorecard/blob/36d8ad7a6037cdfbd8a42bf0bbca0c4852f7af25/checks/raw/license.go#L230-L241

egecetin commented 3 weeks ago

@spencerschrock Thanks for the quick fix!

spencerschrock commented 3 weeks ago

This won't make it to scorecard action for a bit though, so it may take some time to see it reflected in the API results.