Incorrect license detection where a proprietary license is reported as GPL #2820

@pombredanne

Description

This (edited) text is incorrectly detected as GPL:

#!/bin/sh
#
# History:
#       2011/01/01 - [Some Person] did something
#
# Copyright (c) 2022 CompanyName, Inc.
#
# This file and its contents ("Software") are protected by intellectual
# property rights including, without limitation, U.S. and/or foreign
# copyrights. This Software is also the confidential and proprietary
# information of CompanyName, Inc. and its licensors. You may not use, reproduce,
# disclose, distribute, modify, or otherwise prepare derivative works of this
# Software or any portion thereof except pursuant to a signed license agreement
# or nondisclosure agreement with CompanyName, Inc. or its authorized affiliates.
# In the absence of such an agreement, you agree to promptly notify and return
# this Software to CompanyName, Inc.
#
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT,
# MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
# IN NO EVENT SHALL COMPANYNAME, INC. OR ITS AFFILIATES BE LIABLE FOR ANY DIRECT,
# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; COMPUTER FAILURE OR MALFUNCTION; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#

Using a YAML scan with the details of matched texts:

headers:
    -   tool_name: scancode-toolkit
        tool_version: 30.1.0
        options:
            input:
                - bsd1
            --license: yes
            --license-text: yes
            --license-text-diagnostics: yes
            --yaml: '-'
        notice: |
            Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES
            OR CONDITIONS OF ANY KIND, either express or implied. No content created from
            ScanCode should be considered or used as legal advice. Consult an Attorney
            for any legal advice.
            ScanCode is a free software code scanning tool from nexB Inc. and others.
            Visit https://github.com/nexB/scancode-toolkit/ for support and download.
        start_timestamp: '2022-01-30T144041.370328'
        end_timestamp: '2022-01-30T144048.163871'
        output_format_version: 2.0.0
        duration: '6.793554782867432'
        message:
        errors: []
        extra_data:
            spdx_license_list_version: '3.15'
            OUTDATED: 'WARNING: Outdated ScanCode Toolkit version! You are using an outdated
                version of ScanCode Toolkit: 30.1.0 released on: 2021-09-24. A new version is
                available with important improvements including bug and security fixes, updated
                license, copyright and package detection, and improved scanning accuracy. Please
                download and install the latest version of ScanCode. Visit https://github.com/nexB/scancode-toolkit/releases
                for details.'
            files_count: 1
files:
    -   path: bsd1
        type: file
        licenses:
            -   key: commercial-license
                score: '100.0'
                name: Commercial License
                short_name: Commercial License
                category: Commercial
                is_exception: no
                is_unknown: no
                owner: Unspecified
                homepage_url:
                text_url:
                reference_url: https://scancode-licensedb.aboutcode.org/commercial-license
                scancode_text_url: https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/commercial-license.LICENSE
                scancode_data_url: https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/commercial-license.yml
                spdx_license_key: LicenseRef-scancode-commercial-license
                spdx_url: https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/commercial-license.LICENSE
                start_line: 10
                end_line: 11
                matched_rule:
                    identifier: proprietary_37.RULE
                    license_expression: commercial-license
                    licenses:
                        - commercial-license
                    referenced_filenames: []
                    is_license_text: no
                    is_license_notice: no
                    is_license_reference: yes
                    is_license_tag: no
                    is_license_intro: no
                    has_unknown: no
                    matcher: 2-aho
                    rule_length: 4
                    matched_length: 4
                    match_coverage: '100.0'
                    rule_relevance: 100
                matched_text: |
                    confidential and proprietary
                    # information
            -   key: gpl-2.0-plus
                score: '71.62'
                name: GNU General Public License 2.0 or later
                short_name: GPL 2.0 or later
                category: Copyleft
                is_exception: no
                is_unknown: no
                owner: Free Software Foundation (FSF)
                homepage_url: http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html
                text_url: http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html
                reference_url: https://scancode-licensedb.aboutcode.org/gpl-2.0-plus
                scancode_text_url: https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/gpl-2.0-plus.LICENSE
                scancode_data_url: https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/gpl-2.0-plus.yml
                spdx_license_key: GPL-2.0-or-later
                spdx_url: https://spdx.org/licenses/GPL-2.0-or-later
                start_line: 12
                end_line: 28
                matched_rule:
                    identifier: gpl-2.0-plus_365.RULE
                    license_expression: gpl-2.0-plus
                    licenses:
                        - gpl-2.0-plus
                    referenced_filenames: []
                    is_license_text: no
                    is_license_notice: yes
                    is_license_reference: no
                    is_license_tag: no
                    is_license_intro: no
                    has_unknown: no
                    matcher: 3-seq
                    rule_length: 148
                    matched_length: 106
                    match_coverage: '71.62'
                    rule_relevance: 100
                matched_text: |
                    modify, [or] [otherwise] [prepare] [derivative] [works] [of] [this]
                    # [Software] [or] [any] [portion] [thereof] [except] [pursuant] [to] a [signed] license [agreement]
                    # [or] [nondisclosure] [agreement] [with] [CompanyName], [Inc]. [or] [its] [authorized] [affiliates].
                    # [In] [the] [absence] [of] [such] [an] [agreement], [you] [agree] [to] [promptly] [notify] [and] [return]
                    # [this] [Software] [to] [CompanyName], [Inc].
                    #
                    # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
                    # INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF [NON]-[INFRINGEMENT],
                    # MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
                    # IN NO EVENT SHALL [COMPANYNAME], [INC]. [OR] [ITS] [AFFILIATES] BE LIABLE FOR ANY DIRECT,
                    # INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
                    # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
                    # LOSS OF USE, DATA, OR PROFITS; [COMPUTER] [FAILURE] [OR] [MALFUNCTION]; OR BUSINESS
                    # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
                    # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
                    # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
                    # POSSIBILITY OF SUCH DAMAGE.
        license_expressions:
            - commercial-license
            - gpl-2.0-plus
        percentage_of_license_text: '49.77'
        scan_errors: []

The warranty disclaimer is not typical of a GPL and is what tripped detection there.
We should also add a new rule for this proprietary license notice.
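A small triage filter over ScanCode's diagnostic output, added here as an example and not code from the issue or from scancode-toolkit itself: it recomputes match_coverage from rule_length and matched_length and measures runs of bracketed (unmatched) tokens in matched_text, which is what makes the gpl-2.0-plus match above look wrong. The sample matches are constructed from the YAML above (matched_text shortened); the thresholds and the "2-aho means exact" assumption are mine.

```python
import re

# Constructed sample: the two matches from the scan above, reduced to the
# fields the triage needs (matched_text shortened; brackets kept verbatim).
SAMPLE_MATCHES = [
    {"key": "commercial-license", "matcher": "2-aho", "rule_length": 4,
     "matched_length": 4, "match_coverage": 100.0,
     "matched_text": "confidential and proprietary\n# information"},
    {"key": "gpl-2.0-plus", "matcher": "3-seq", "rule_length": 148,
     "matched_length": 106, "match_coverage": 71.62,
     "matched_text": (
         "modify, [or] [otherwise] [prepare] [derivative] [works] [of] [this]\n"
         "# [Software] [or] [any] [portion] [thereof] [except] [pursuant] [to] "
         "a [signed] license [agreement]\n"
         "# THIS SOFTWARE IS PROVIDED \"AS IS\" AND ANY EXPRESS OR IMPLIED "
         "WARRANTIES,\n")},
]

# With --license-text-diagnostics, tokens the rule did NOT match are wrapped
# in square brackets; any other alphanumeric run is a matched token.
TOKEN_RE = re.compile(r"\[([^\]]+)\]|([A-Za-z0-9]+)")

def token_flags(matched_text):
    """One boolean per token: True when the token was unmatched ([...])."""
    return [bool(bracketed) for bracketed, _ in TOKEN_RE.findall(matched_text)]

def longest_unmatched_run(matched_text):
    """Longest run of consecutive unmatched tokens, i.e. a gap the seq matcher skipped."""
    best = run = 0
    for unmatched in token_flags(matched_text):
        run = run + 1 if unmatched else 0
        best = max(best, run)
    return best

def coverage_pct(match):
    """Recompute match_coverage from the token counts (106/148 -> 71.62)."""
    return round(100.0 * match["matched_length"] / match["rule_length"], 2)

def triage(match, min_coverage=90.0, max_gap=5):
    """Reasons a match deserves human review; an empty list means it looks solid."""
    reasons = []
    # Assumption: 2-aho is an exact hit, so only approximate matchers get the coverage test.
    if match["matcher"] != "2-aho" and coverage_pct(match) < min_coverage:
        reasons.append(f"approximate match covers only {coverage_pct(match)}% of the rule")
    gap = longest_unmatched_run(match["matched_text"])
    if gap > max_gap:
        reasons.append(f"{gap} consecutive unmatched tokens inside the match")
    return reasons

if __name__ == "__main__":
    for m in SAMPLE_MATCHES:
        print(m["key"], triage(m) or "ok")
```

Run against the full scan output, the gpl-2.0-plus match is flagged on both counts while the commercial-license match passes clean.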
