False positive detecton of proprietary-license from proprietary-license_276.RULE #3355
Description
Recent scans of pdfbox-2.0.24-sources.jar and pdfbox-2.0.24.jar returned a detection of proprietary-license from files DecodeOptions.java and DecodeOptions$FinalDecodeOptions.class on the string "may not be modified" which triggered the proprietary-license_276.RULE
That detection is much too aggressive, because in the context of the code, it was simply the generation of an error message (possibly when someone/something is trying to change a pdf). Here is one case in the code:
throw new UnsupportedOperationException(“This instance may not be modified.“)
I am not exactly sure what the approach should be to address this, but I think it generally means that finding "may not be modified" probably means proprietary only in the context of a Notice file or code Comments, but it should not be triggered when that text appears in actual code.