scanner
Improve conformance license detection
The current license detection is not perfect and may miss many licenses within the ecosystem. In the past I used to run scanner for thousands of packages with https://github.com/fraxken/nsf-nodesecure
My idea on this topic is to re-analyze real-ecosystem cases and use them to improve detection / the implementation.
Hi, are these links good documentation?
- https://opendefinition.org/licenses/
- List of SPDX: https://spdx.org/licenses/
It's a huge list to handle!
Keeping that under my belt: https://github.com/davglass/license-checker/blob/master/lib/license.js