Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inconsistent risk assessments #83

Open
kraih opened this issue May 9, 2023 · 0 comments
Open

Inconsistent risk assessments #83

kraih opened this issue May 9, 2023 · 0 comments
Labels
bug Something isn't working

Comments

@kraih
Copy link
Member

kraih commented May 9, 2023

Some named licenses have multiple conflicting risk assessments for various patterns:

Apache-1.1: 3, 4
Apache-2.0: 2, 1, 3
Apache-2.0 AND CC-BY-SA-4.0: 3, 2
Apache-2.0 OR Artistic-2.0: 3, 2
Apache-2.0 OR BSD-3-Clause: 2, 1
Apache-2.0 OR GPL-2.0: 3, 2
Apache-2.0 OR GPL-2.0+: 3, 2
Apache-2.0 OR MIT: 3, 1
Apache-2.0 WITH LLVM-exception: 3, 2
...

This needs to be cleaned up once we have gotten a normalised list back from the lawyers. And perhaps it would be a good idea to dedicate a new cli command to license pattern maintenance.

Be aware: Cases like Any Proprietary: 5, 3, 1, 4 need to have patterns with different risk assessments, since they don't represent one specific named license.
@kraih kraih added the bug Something isn't working label May 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kraih