diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index daa6d2c1..f1311f73 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -18,13 +18,16 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-go@v4 + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 with: go-version: '1.21' #cache: false - name: golangci-lint - uses: golangci/golangci-lint-action@v3 + uses: golangci/golangci-lint-action@v5 with: # Optional: golangci-lint command line arguments. args: -D errcheck + # Optional: if set to true, caches will not be saved, but they may still be restored, + # subject to other options + # skip-save-cache: true diff --git a/.vscode/settings.json b/.vscode/settings.json index e29b82df..c4e300f1 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -85,6 +85,7 @@ "NTIA", "Nyffenegger", "OBOM", + "Omnibor", "oneof", "OPENCHAIN", "opensource", @@ -118,6 +119,7 @@ "startswith", "staticcheck", "structs", + "Swhid", "swid", "tablewriter", "Tracef", diff --git a/README.md b/README.md index 853eb756..fbfac19e 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,8 @@ The utility supports the following commands: - **[list](#license-list-subcommand)** produce listings or summarized reports of license data contained in a BOM along with license "usage policy" determinations using the policies declared in the `license.json` file. - **[policy](#license-policy-subcommand)** - lists software and data license information and associated license usage policies as defined in the configurable `license.json` file. +- **[patch](#patch)** : Applies a JSON patch file, as defined by [IETF RFC 6902](https://datatracker.ietf.org/doc/html/rfc6902/), to an input JSON BOM file. + - **[query](#query)** retrieves JSON data from BOMs using SQL-style query statements (i.e., `--select --from --where `). The JSON data can be used to create custom listings or reports. - **[resource](#resource)** produce filterable listings or summarized reports of resources, including components and services, from BOM data. @@ -39,8 +41,6 @@ Feedback and helpful commits appreciated on the following commands which will be - **[diff](#diff)** : Shows the delta between two similar BOM versions in JSON (diff) patch format as defined by [IETF RFC 6902](https://datatracker.ietf.org/doc/html/rfc6902/). -- **[patch](#patch)** : Applies a JSON patch file, as defined by [IETF RFC 6902](https://datatracker.ietf.org/doc/html/rfc6902/), to an input JSON BOM file. - --- ## Index @@ -53,6 +53,7 @@ Feedback and helpful commits appreciated on the following commands which will be - [license](#license) - [list](#license-list-subcommand) subcommand: lists all license information found in the BOM - [policy](#license-policy-subcommand) subcommand: lists configurable license usage policies + - [patch](#patch): patches BOMs using IETF RFC 6902 records. - [query](#query): extract JSON objects and fields from a BOM using SQL-like queries - [resource](#resource): list resource information by type (e.g., components, services) - [schema](#schema): list supported BOM formats, versions, variants @@ -62,7 +63,6 @@ Feedback and helpful commits appreciated on the following commands which will be - [completion](#completion): generates command-line completion scripts for the utility - [Experimental commands](#experimental-commands) - [diff](#diff): compares differences between two similar BOMs - - [patch](#patch): patches BOMs using IETF RFC 6902 records. - [Design considerations](#design-considerations) - [Development](#development) - [Prerequisites](#prerequisites) @@ -595,1632 +595,1632 @@ allow Artistic Artistic-2.0 Artistic License 2.0 true tru --- -### Query +### Patch -This command allows you to perform SQL-like queries into JSON format SBOMs. Currently, the command recognizes the `--select` and `--from` as well as the `--where` filter. +This *experimental* command is able to "patch" an existing JSON BOM document using an [IETF RFC6902](https://datatracker.ietf.org/doc/html/rfc6902/#section-4.1) *"JavaScript Object Notation (JSON) Patch"* file. -#### Query flags +The current implementation supports the following "patch" operations: -##### Query `--from` flag +- "add", "update", "remove" and "test" -The `--from` clause value is applied to the JSON document object model and can return either a singleton JSON object or an array of JSON objects as a result. This is determined by the last property value's type as declared in the schema. +At this time the "move" or "copy" operations are not supported. -##### Query `--select` flag +Patches work for both simple (i.e., integer, float, boolean and string) values as well as complex values such as JSON objects, maps and arrays. -The `--select` clause is then applied to the `--from` result set to only return the specified properties (names and their values). +#### Patch supported output formats -##### Query `--where` flag +This command is used to output, using the [`--output-file` flag](#output-flag), a "patched" BOM in JSON format. -If the result set is an array, the array entries can be reduced by applying the `--where` filter to ony return those entries whose specified field names match the supplied regular expression (regex). +- `json` (default) -**Note**: All `query` command results are returned as valid JSON documents. This includes a `null` value for empty result sets. +#### Patch flags -#### Query supported formats +The patch command operates on a JSON BOM input file (see [`--input-file` flag](#input-flag)) as well as an [IETF RFC6902](https://datatracker.ietf.org/doc/html/rfc6902/#section-4.1)-formatted "patch' file and produces a "patched" version of the input JSON BOM as output using the following flags: -The `query` command only supports JSON output. +##### Patch `--patch-filename` flag -- `json` (default) +The `--patch-file ` flag is used to provide the relative path to the IETF RFC6902 patch file to applied to the BOM input file. -#### Query result sorting +#### Patch examples -The `query` command does not support formatting of output results as JSON format is always returned. +This section contains examples of all supported patch operations (i.e., add, replace, test) including values that are primitives (i.e., `numbers`, `strings`) as well as JSON `objects` and may be indexed JSON `array` elements. -#### Query examples +- ["add" BOM `serialNumber`](#patch-example-1-add-bom-serialnumber) +- ["add" (update) BOM `version`](#patch-example-2-add-update-bom-version) +- ["add" `supplier` object to `metadata`](#patch-example-3-add-supplier-object-to-metadata-object) +- ["add" `property` objects to `metadata.properties` array](#patch-example-4-add-property-objects-to-metadataproperties-array) +- ["replace" `version` and `timestamp` values](#patch-example-5-replace-bom-version-and-timestamp) +- ["remove" `property` from the `metadata.properties` array](#patch-example-6-remove-property-from-the-metadataproperties-array) +- ["test" if a `property` exists in the `metadata.properties` array](#patch-example-7-test-property-exists-in-the-metadataproperties-array) -##### Example: Extract the top-level `component` information from an SBOM +##### Patch example 1: "add" BOM `serialNumber` -This example effectively extracts the first-order package manifest from the SBOM. +This example adds a new top-level key `"serialNumber"` and corresponding value to a CycloneDX JSON BOM file. -In this example, only the `--from` clause is needed to select an object. The `--select` clause is omitted which is equivalent to using the "select all" wildcard character `*` which returns all fields and values from the `component` object. +The original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json) has no serial number: -```bash -./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --from metadata.component +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + ... + } +} ``` -is equivalent to using the wildcard character (which may need to be enclosed in single or double quotes depending on your shell): - -```bash -./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --select '*' --from metadata.component --quiet -``` +IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-add-serial-number.json](test/patch/cdx-patch-example-add-serial-number.json): ```json -{ - "name": "Example Application v10.0.4", - "bom-ref": "pkg:oci/example.com/product/application@10.0.4.0", - "description": "Example's Do-It-All application", - "externalReferences": [ - { - "type": "website", - "url": "https://example.com/application" - } - ], - "hashes": [ - { - "alg": "SHA-1", - "content": "1111aaaa2222cccc3333dddd4444eeee5555ffff" - } - ], - "licenses": [ - { - "license": { - "id": "Apache-2.0" - } - } - ], - ... +[ + { "op": "add", "path": "/serialNumber", "value": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9" } +] ``` -##### Example: Extract the `supplier` of the SBOM - -In this example, the `--from` clause references the top-level `metadata.supplier` object. +Invoke the patch command as follows: ```bash -./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --from metadata.supplier --quiet +./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-add-serial-number.json -q ``` +Patched JSON BOM output file: + ```json { - "contact": [ - { - "email": "distribution@example.com" + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", + "version": 1, + "metadata": { + ... } - ], - "name": "Example Co. Distribution Dept.", - "url": [ - "https://example.com/software/" - ] } ``` -##### Example: Extract just the SBOM component's `name` and `version` +##### Patch example 2: "add" (update) BOM `version` -In this example, the `--from` clause references the singleton JSON object `component` found under the top-level `metadata` object. It then reduces the resultant JSON object to only return the `name` and `value` fields and their values as requested on the `--select` clause. +This example shows how the patch's "add" operation can be used to update existing values which is the specified behavior of RFC6902. -```bash -./sbom-utility query --select name,version --from metadata.component -i examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json --quiet -``` +Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json) with `version` equal to `1`: ```json { - "name": "juice-shop", - "version": "11.1.2" + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + ... + } } ``` -##### Example: Return the JSON array of components +IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-add-serial-number.json](test/patch/cdx-patch-example-add-serial-number.json): -In this example, the `--from` filter will return the entire JSON components array. +```json +[ + { "op": "add", "path": "/version", "value": 2 } +] +``` + +Invoke the patch command as follows: ```bash -./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --from components --quiet +./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-add-update-version.json -q ``` +The patched, output JSON BOM file which has the changed `version` value of `2`: + ```json -[ - { - "bom-ref": "pkg:npm/sample@2.0.0", - "description": "Node.js Sampler package", - "licenses": [ - { - "license": { - "id": "MIT" - } - } - ], - "name": "sample", - "purl": "pkg:npm/sample@2.0.0", - "type": "library", - "version": "2.0.0" - }, - { - "bom-ref": "pkg:npm/body-parser@1.19.0", - "description": "Node.js body parsing middleware", - "hashes": [ - { +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 2, + "metadata": { ... - } - ], - "licenses": [ - { - "license": { - "id": "MIT" - } - } - ], - "name": "body-parser", - "purl": "pkg:npm/body-parser@1.19.0", - "type": "library", - "version": "1.19.0" - } -] + } +} ``` -**Note**: The command for this example only used the `--from` flag and did not need to supply `--select '*'` as this us the default. +##### Patch example 3: "add" `supplier` object to `metadata` object -##### Example: Filter result entries with a specified value +This example shows how the patch's "add" operation can be used to add a JSON object to an existing object. -In this example, the `--where` filter will be applied to a set of `properties` results to only include entries that match the specified regex. +Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): -```bash -./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --from metadata.properties --where name=urn:example.com:classification --quiet +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + "timestamp": "2023-10-12T19:07:00Z", + "properties": [ + ... + ] + } +} ``` +Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-add-metadata-supplier.json](test/patch/cdx-patch-example-add-metadata-supplier.json): + ```json [ - { - "name": "urn:example.com:classification", - "value": "This SBOM is Confidential Information. Do not distribute." + { "op": "add", "path": "/metadata/supplier", "value": { + "name": "Example Co. Distribution Dept.", + "url": [ + "https://example.com/software/" + ] + } } ] ``` -additionally, you can apply a `--select` clause to simply obtain the matching entry's `value`: +Invoke the patch command as follows: ```bash -./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --select value --from metadata.properties --where name=urn:example.com:classification --quiet +./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-add-metadata-supplier.json -q ``` +The patched BOM has the `supplier` object added to the `metadata`: + ```json -[ - { - "value": "This SBOM is Confidential Information. Do not distribute." - } -] +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + "timestamp": "2023-10-12T19:07:00Z", + "supplier": { + "name": "Example Co. Distribution Dept.", + "url": [ + "https://example.com/software/" + ] + }, + "properties": [ + ... + ] + } +} ``` ---- - -### Resource +##### Patch example 4: "add" `property` objects to `metadata.properties` array -The `resource` command is geared toward inspecting various resources types and their information from SBOMs against future maturity models being developed as part of the [OWASP Software Component Verification Standard (SCVS)](https://owasp.org/www-project-software-component-verification-standard/). In the SCVS model, a "resource" is the parent classification for software (components), services, Machine Learning (ML) models, data, hardware, tools and more. +This example shows how the patch's "add" operation can be used to add `property` objects to an existing `properties` array. -Primarily, the command is used to generate lists of resources, by type, that are included in a CycloneDX SBOM by invoking `resource list`. +Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): -#### Resource supported output formats - -This command supports the `--format` flag with any of the following values: - -- `txt` (default), `csv`, `md` +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + "timestamp": "2023-10-12T19:07:00Z", + "properties": [ + { + "name": "Property 1", + "value": "Value 1" + }, + { + "name": "Property 2", + "value": "Value 2" + } + ] + } +} +``` -#### Resource result sorting +Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-add-metadata-properties.json](test/patch/cdx-patch-example-add-metadata-properties.json): -Currently, all `resource list` command results are sorted by resource `type` then by resource `name` (required field). +```json +[ + { "op": "add", "path": "/metadata/properties/-", "value": { "name": "foo", "value": "bar" } }, + { "op": "add", "path": "/metadata/properties/1", "value": { "name": "rush", "value": "yyz" } } +] +``` -#### Resource Examples +Note that the first patch record uses the `-` (dash) to indicate "insert at end" whereas the second patch record has the zero-based array index `1`. -#### Example: resource list +Invoke the patch command as follows: ```bash -./sbom-utility resource list -i test/cyclonedx/cdx-1-3-resource-list.json --quiet +./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-add-metadata-properties.json -q ``` -```bash -type name version bom-ref ----- ---- ------- ------- -component ACME Application 2.0.0 pkg:app/sample@1.0.0 -component Library A 1.0.0 pkg:lib/libraryA@1.0.0 -component Library B 1.0.0 pkg:lib/libraryB@1.0.0 -component Library C 1.0.0 pkg:lib/libraryC@1.0.0 -component Library D 1.0.0 pkg:lib/libraryD@1.0.0 -component Library E 1.0.0 pkg:lib/libraryE@1.0.0 -component Library F 1.0.0 pkg:lib/libraryF@1.0.0 -component Library G 1.0.0 pkg:lib/libraryG@1.0.0 -component Library H 1.0.0 pkg:lib/libraryH@1.0.0 -component Library J 1.0.0 pkg:lib/libraryJ@1.0.0 -component Library NoLicense 1.0.0 pkg:lib/libraryNoLicense@1.0.0 -service Bar service:example.com/myservices/bar -service Foo service:example.com/myservices/foo +The patched, output BOM has the two new properties at the specified indices: + +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + "timestamp": "2023-10-12T19:07:00Z", + "properties": [ + { + "name": "Property 1", + "value": "Value 1" + }, + { + "name": "rush", + "value": "yyz" + }, + { + "name": "Property 2", + "value": "Value 2" + }, + { + "name": "foo", + "value": "bar" + } + ] + } +} ``` -##### Example: resource list using `--type service` +##### Patch example 5: "replace" BOM `version` and `timestamp` -This example uses the `type` flag to specific `service`. The other valid type is `component`. Future versions of CycloneDX schema will include more resource types such as "ml" (machine learning) or "tool". +This example shows how the patch's "replace" operation can be used to update the BOM document's `version` and `timestamp` values. -```bash -./sbom-utility resource list -i test/cyclonedx/cdx-1-3-resource-list.json --type service --quiet -``` +Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): -```bash -type name version bom-ref ----- ---- ------- ------- -service Bar service:example.com/myservices/bar -service Foo service:example.com/myservices/foo +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + "timestamp": "2023-10-12T19:07:00Z", + "properties": [ + ... + ] + } +} ``` -##### Example: list with `name` regex match - -This example uses the `where` filter on the `name` field. In this case we supply an exact "startswith" regex. for the `name` filter. +Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-replace-version-timestamp.json](test/patch/cdx-patch-example-replace-version-timestamp.json): -```bash -./sbom-utility resource list -i test/cyclonedx/cdx-1-3-resource-list.json --where "name=Library A" --quiet +```json +[ + { "op": "replace", "path": "/version", "value": 2 }, + { "op": "replace", "path": "/metadata/timestamp", "value": "2024-01-24T22:50:18+00:00" } +] ``` +Invoke the patch command as follows: + ```bash -type name version bom-ref ----- ---- ------- ------- -component Library A 1.0.0 pkg:lib/libraryA@1.0.0 +./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-replace-version-timestamp.json -q ``` ---- - -### Schema - -You can verify which formats, schemas, versions and variants are available for validation by using the `schema` command: +The patched, output BOM has both an updated `version` and `timestamp`: -```bash -./sbom-utility schema list +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 2, + "metadata": { + "timestamp": "2024-01-24T22:50:18+00:00", + "properties": [ + ... + } +} ``` -- **Note**: The `schema` command will default to the `list` subcommand if omitted. - -#### Schema supported output formats +##### Patch example 6: "remove" `property` from the `metadata.properties` array -This command supports the `--format` flag with any of the following values: +This example shows how the patch's "remove" operation can be used to remove a `property` object from the `metadata.properties` array using an index. -- `txt` (default), `csv`, `md` +Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): -#### Schema result sorting +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + "timestamp": "2023-10-12T19:07:00Z", + "properties": [ + { + "name": "Property 1", + "value": "Value 1" + }, + { + "name": "Property 2", + "value": "Value 2" + } + ] + } +} +``` -- Formatted results are sorted by `format` (ascending), `version` (descending) and `schema` (descending) +Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-remove-metadata-property.json](test/patch/cdx-patch-example-remove-metadata-property.json): -#### Schema examples +```json +[ + { "op": "remove", "path": "/metadata/properties/1" } +] +``` -##### Example: schema list +Invoke the patch command as follows: ```bash -name variant format version file url ----- ------- ------ ------- ---- --- -CycloneDX v1.6 development CycloneDX 1.6 schema/cyclonedx/1.6/bom-1.6.schema.json https://raw.githubusercontent.com/CycloneDX/specification/1.6-dev/schema/bom-1.6.schema.json -CycloneDX v1.5 (latest) CycloneDX 1.5 schema/cyclonedx/1.5/bom-1.5.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.5.schema.json -CycloneDX v1.4 (latest) CycloneDX 1.4 schema/cyclonedx/1.4/bom-1.4.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.4.schema.json -CycloneDX v1.4 custom CycloneDX 1.4 schema/test/bom-1.4-custom.schema.json -CycloneDX v1.3 (latest) CycloneDX 1.3 schema/cyclonedx/1.3/bom-1.3.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.3.schema.json -CycloneDX v1.3 custom CycloneDX 1.3 schema/test/bom-1.3-custom.schema.json -CycloneDX v1.3 strict CycloneDX 1.3 schema/cyclonedx/1.3/bom-1.3-strict.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.3-strict.schema.json -CycloneDX v1.2 (latest) CycloneDX 1.2 schema/cyclonedx/1.2/bom-1.2.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.2.schema.json -CycloneDX v1.2 strict CycloneDX 1.2 schema/cyclonedx/1.2/bom-1.2-strict.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.2-strict.schema.json -SPDX v2.3 (latest) SPDX SPDX-2.3 schema/spdx/2.3/spdx-schema.json https://raw.githubusercontent.com/spdx/spdx-spec/development/v2.3/schemas/spdx-schema.json -SPDX v2.3.1 development SPDX SPDX-2.3 schema/spdx/2.3.1/spdx-schema.json https://raw.githubusercontent.com/spdx/spdx-spec/development/v2.3.1/schemas/spdx-schema.json -SPDX v2.2.2 (latest) SPDX SPDX-2.2 schema/spdx/2.2.2/spdx-schema.json https://raw.githubusercontent.com/spdx/spdx-spec/v2.2.2/schemas/spdx-schema.json -SPDX v2.2.1 2.2.1 SPDX SPDX-2.2 schema/spdx/2.2.1/spdx-schema.json https://raw.githubusercontent.com/spdx/spdx-spec/v2.2.1/schemas/spdx-schema.json +./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-remove-metadata-property.json -q ``` -#### Adding schemas - -Entries for new or "custom" schemas can be added to the `config.json` file by adding a new schema entry and then will need to pass that file on the command line using the `--config-schema` flag. - -These new schema entries will tell the schema loader where to find the JSON schema file locally, relative to the utility's executable. - -For details see the "[Adding SBOM formats, schema versions and variants](#adding-sbom-formats-schema-versions-and-variants)" section. +The `property` at index `1` of the `metadata.properties` array has been removed: -#### Embedding schemas +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + "timestamp": "2023-10-12T19:07:00Z", + "properties": [ + { + "name": "Property 1", + "value": "Value 1" + } + ] + } +} +``` -If you wish to have the new schema *embedded in the executable*, simply add it to the project's `resources` subdirectory following the format and version-based directory structure. +##### Patch example 7: "test" `property` exists in the `metadata.properties` array ---- +This example shows how the patch records's can "test" for values or objects in a BOM. The utility will confirm "success" (using an `[INFO]` log message); otherwise, the utility will exit and return an error and generate an `[ERROR]` log message. -### Trim +Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): -This command is able to "trim" one or more JSON keys (fields) from specified JSON BOM documents effectively "pruning" the JSON document. This functionality helps consumers of large-sized BOMs that need to analyze specific types of data in large BOMs in reducing the BOM data to just what is needed for their use cases or needs. +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "metadata": { + "timestamp": "2023-10-12T19:07:00Z", + "properties": [ + { + "name": "Property 1", + "value": "Value 1" + }, + { + "name": "Property 2", + "value": "Value 2" + } + ] + } +} +``` -#### Trim supported output formats +Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-test-metadata-property.json](test/patch/cdx-patch-example-test-metadata-property.json): -This command is used to output, using the [`--output-file` flag](#output-flag), a "trimmed" BOM in JSON format. +```json +[ + { "op": "test", "path": "/metadata/properties/1", "value": + { + "name": "Property 2", + "value": "Value 2" + } + } +] +``` -- `json` (default) +Invoke the patch command as follows: -#### Trim flags +```bash +./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-test-metadata-property.json -q +``` -Trim operates on a JSON BOM input file (see [`--input-file` flag](#input-flag)) and produces a trimmed JSON BOM output file using the following flags: +An informational (i.e., `[INFO]`) message is logged with `success` since the property object was found in the input BOM: -##### Trim `--keys` flag +```json +[INFO] IETF RFC6902 test operation success. test record: { + "op": "test", + "path": "/metadata/properties/1", + "value": { + "name": "Property 2", + "value": "Value 2" + } +} +``` -A comma-separated list of JSON map keys. Similar to the [query command's `--select` flag](#query---select-flag) syntax. +If instead, we [tested for a different property](test/patch/cdx-patch-example-test-metadata-property-err.json) object: -##### Trim `--from` flag +```json +[ + { "op": "test", "path": "/metadata/properties/1", "value": + { + "name": "Property 3", + "value": "Value 3" + } + } +] +``` -A comma-separated list of JSON document paths using the same syntax as the [query command's `--from` flag](#query---from-flag). +an error (i.e., `[ERROR]`) would be returned from the utility: -##### Trim `--normalize` flag +```json +[ERROR] IETF RFC6902 test operation error. test record: { + "op": "test", + "path": "/metadata/properties/1", + "value": { + "name": "Property 3", + "value": "Value 3" + } +} +``` -A flag that normalizes the BOM data after trimming and prior to output. +--- -This flag has custom code that sorts all components, services, licenses, vulnerabilities, properties, external references, hashes and *most* other BOM data using custom comparators. +### Query -Each comparator uses `required` fields and other identifying fields to create *"composite keys"* for each unique data structure. +This command allows you to perform SQL-like queries into JSON format SBOMs. Currently, the command recognizes the `--select` and `--from` as well as the `--where` filter. -#### Trim examples +#### Query flags -The original BOM used for these examples can be found here: +##### Query `--from` flag -- [test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json](test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json) +The `--from` clause value is applied to the JSON document object model and can return either a singleton JSON object or an array of JSON objects as a result. This is determined by the last property value's type as declared in the schema. -##### Example: Trim `properties` from entire JSON BOM +##### Query `--select` flag -Validating the "juice shop" SBOM (CycloneDX 1.2) example provided in this repository. +The `--select` clause is then applied to the `--from` result set to only return the specified properties (names and their values). + +##### Query `--where` flag + +If the result set is an array, the array entries can be reduced by applying the `--where` filter to ony return those entries whose specified field names match the supplied regular expression (regex). + +**Note**: All `query` command results are returned as valid JSON documents. This includes a `null` value for empty result sets. + +#### Query supported formats + +The `query` command only supports JSON output. + +- `json` (default) + +#### Query result sorting + +The `query` command does not support formatting of output results as JSON format is always returned. + +#### Query examples + +##### Example: Extract the top-level `component` information from an SBOM + +This example effectively extracts the first-order package manifest from the SBOM. + +In this example, only the `--from` clause is needed to select an object. The `--select` clause is omitted which is equivalent to using the "select all" wildcard character `*` which returns all fields and values from the `component` object. ```bash -./sbom-utility trim -i ./sbom-utility trim -i test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json --keys=properties +./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --from metadata.component ``` -Original BOM with properties: +is equivalent to using the wildcard character (which may need to be enclosed in single or double quotes depending on your shell): + +```bash +./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --select '*' --from metadata.component --quiet +``` ```json { - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", - "components": [ + "name": "Example Application v10.0.4", + "bom-ref": "pkg:oci/example.com/product/application@10.0.4.0", + "description": "Example's Do-It-All application", + "externalReferences": [ { - "type": "library", - "bom-ref": "pkg:npm/sample@2.0.0", - "purl": "pkg:npm/sample@2.0.0", - "name": "sample", - "version": "2.0.0", - "description": "Node.js Sampler package", - "properties": [ - { - "name": "foo", - "value": "bar" - } - ] - }, + "type": "website", + "url": "https://example.com/application" + } + ], + "hashes": [ { - "type": "library", - "bom-ref": "pkg:npm/body-parser@1.19.0", - "purl": "pkg:npm/body-parser@1.19.0", - "name": "body-parser", - "version": "1.19.0", - "description": "Node.js body parsing middleware", - "hashes": [ - { - "alg": "SHA-1", - "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" - } - ] + "alg": "SHA-1", + "content": "1111aaaa2222cccc3333dddd4444eeee5555ffff" } ], - "properties": [ + "licenses": [ { - "name": "abc", - "value": "123" + "license": { + "id": "Apache-2.0" + } } - ] -} + ], + ... ``` -Output BOM results without `properties``: +##### Example: Extract the `supplier` of the SBOM + +In this example, the `--from` clause references the top-level `metadata.supplier` object. + +```bash +./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --from metadata.supplier --quiet +``` ```json { - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", - "version": 1, - "components": [ - { - "type": "library", - "bom-ref": "pkg:npm/sample@2.0.0", - "name": "sample", - "version": "2.0.0", - "description": "Node.js Sampler package", - "purl": "pkg:npm/sample@2.0.0" - }, - { - "type": "library", - "bom-ref": "pkg:npm/body-parser@1.19.0", - "name": "body-parser", - "version": "1.19.0", - "description": "Node.js body parsing middleware", - "hashes": [ - { - "alg": "SHA-1", - "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" - } - ], - "purl": "pkg:npm/body-parser@1.19.0" - } - ] + "contact": [ + { + "email": "distribution@example.com" + } + ], + "name": "Example Co. Distribution Dept.", + "url": [ + "https://example.com/software/" + ] } ``` -##### Example: Trim `name` and `description` from entire JSON BOM +##### Example: Extract just the SBOM component's `name` and `version` + +In this example, the `--from` clause references the singleton JSON object `component` found under the top-level `metadata` object. It then reduces the resultant JSON object to only return the `name` and `value` fields and their values as requested on the `--select` clause. ```bash -./sbom-utility trim -i test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json --keys=name,description --quiet +./sbom-utility query --select name,version --from metadata.component -i examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json --quiet ``` -Output BOM results without `name` or `description`: - ```json { - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", - "version": 1, - "components": [ - { - "type": "library", - "bom-ref": "pkg:npm/sample@2.0.0", - "version": "2.0.0", - "purl": "pkg:npm/sample@2.0.0", - "properties": [ - { - "value": "bar" - } - ] - }, - { - "type": "library", - "bom-ref": "pkg:npm/body-parser@1.19.0", - "version": "1.19.0", - "hashes": [ - { - "alg": "SHA-1", - "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" - } - ], - "purl": "pkg:npm/body-parser@1.19.0" - } - ], - "properties": [ - { - "value": "123" - } - ] + "name": "juice-shop", + "version": "11.1.2" } ``` -##### Example: Trim `properties` from only `components` path +##### Example: Return the JSON array of components + +In this example, the `--from` filter will return the entire JSON components array. ```bash -./sbom-utility trim -i test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json --keys=properties --from components --quiet +./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --from components --quiet ``` -Output BOM results with `properties` removed from all `components`: - ```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", - "version": 1, - "components": [ - { - "type": "library", - "bom-ref": "pkg:npm/sample@2.0.0", - "name": "sample", - "version": "2.0.0", - "description": "Node.js Sampler package", - "purl": "pkg:npm/sample@2.0.0" - }, - { - "type": "library", - "bom-ref": "pkg:npm/body-parser@1.19.0", - "name": "body-parser", - "version": "1.19.0", - "description": "Node.js body parsing middleware", - "hashes": [ - { - "alg": "SHA-1", - "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" - } - ], - "purl": "pkg:npm/body-parser@1.19.0" +[ + { + "bom-ref": "pkg:npm/sample@2.0.0", + "description": "Node.js Sampler package", + "licenses": [ + { + "license": { + "id": "MIT" } + } ], - "properties": [ - { - "name": "abc", - "value": "123" + "name": "sample", + "purl": "pkg:npm/sample@2.0.0", + "type": "library", + "version": "2.0.0" + }, + { + "bom-ref": "pkg:npm/body-parser@1.19.0", + "description": "Node.js body parsing middleware", + "hashes": [ + { + ... + } + ], + "licenses": [ + { + "license": { + "id": "MIT" } - ] -} + } + ], + "name": "body-parser", + "purl": "pkg:npm/body-parser@1.19.0", + "type": "library", + "version": "1.19.0" + } +] ``` ---- +**Note**: The command for this example only used the `--from` flag and did not need to supply `--select '*'` as this us the default. -##### Example: Trim `bom-ref` and normalize output +##### Example: Filter result entries with a specified value + +In this example, the `--where` filter will be applied to a set of `properties` results to only include entries that match the specified regex. ```bash -./sbom-utility trim -i test/trim/trim-cdx-1-5-sample-components-normalize.sbom.json --keys="bom-ref" --normalize -q +./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --from metadata.properties --where name=urn:example.com:classification --quiet ``` -**Note** If you do not want to remove any keys and simply normalize output, set keys to an empty string: `--keys=""`. - -Use the trim command to remove all `bom-ref` fields and normalize output: - ```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "components": [ - { - "type": "library", - "bom-ref": "pkg:npm/sample@2.0.0", - "purl": "pkg:npm/sample@2.0.0", - "name": "sample", - "version": "2.0.0", - "licenses": [ - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - }, - { - "license": { - "id": "GPL-2.0-only" - } - } - ], - "properties": [ - { - "name": "moo", - "value": "cow" - }, - { - "name": "foo", - "value": "bar" - } - ] - }, - { - "type": "library", - "bom-ref": "pkg:npm/body-parser@1.19.0", - "purl": "pkg:npm/body-parser@1.19.0", - "name": "body-parser", - "version": "1.19.0", - "hashes": [ - { - "alg": "SHA-256", - "content": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" - }, - { - "alg": "SHA-1", - "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" - } - ], - "licenses": [ - { - "license": { - "id": "MIT" - } - }, - { - "license": { - "id": "Apache-2.0" - } - } - ], - "externalReferences": [ - { - "type": "website", - "url": "https://example.com/website" - }, - { - "type": "support", - "url": "https://example.com/support" - } - ] - } - ] -} +[ + { + "name": "urn:example.com:classification", + "value": "This SBOM is Confidential Information. Do not distribute." + } +] ``` -Trimmed, normalized output: +additionally, you can apply a `--select` clause to simply obtain the matching entry's `value`: + +```bash +./sbom-utility query -i test/cyclonedx/cdx-1-4-mature-example-1.json --select value --from metadata.properties --where name=urn:example.com:classification --quiet +``` ```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "components": [ - { - "type": "library", - "name": "body-parser", - "version": "1.19.0", - "hashes": [ - { - "alg": "SHA-1", - "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" - }, - { - "alg": "SHA-256", - "content": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" - } - ], - "licenses": [ - { - "license": { - "id": "Apache-2.0" - } - }, - { - "license": { - "id": "MIT" - } - } - ], - "purl": "pkg:npm/body-parser@1.19.0", - "externalReferences": [ - { - "type": "support", - "url": "https://example.com/support" - }, - { - "type": "website", - "url": "https://example.com/website" - } - ] - }, - { - "type": "library", - "name": "sample", - "version": "2.0.0", - "licenses": [ - { - "license": { - "id": "GPL-2.0-only" - } - }, - { - "license": { - "id": "GPL-2.0-or-later" - } - }, - { - "license": { - "id": "LGPL-2.0-or-later" - } - } - ], - "purl": "pkg:npm/sample@2.0.0", - "properties": [ - { - "name": "foo", - "value": "bar" - }, - { - "name": "moo", - "value": "cow" - } - ] - } - ] -} +[ + { + "value": "This SBOM is Confidential Information. Do not distribute." + } +] ``` -### Validate +--- -This command will parse standardized SBOMs and validate it against its declared format and version (e.g., SPDX 2.2, CycloneDX 1.4). Custom variants of standard JSON schemas can be used for validation by supplying the `--variant` name as a flag. Explicit JSON schemas can be specified using the `--force` flag. +### Resource -#### Validate supported schemas +The `resource` command is geared toward inspecting various resources types and their information from SBOMs against future maturity models being developed as part of the [OWASP Software Component Verification Standard (SCVS)](https://owasp.org/www-project-software-component-verification-standard/). In the SCVS model, a "resource" is the parent classification for software (components), services, Machine Learning (ML) models, data, hardware, tools and more. -Use the [schema](#schema) command to list supported schemas formats, versions and variants. +Primarily, the command is used to generate lists of resources, by type, that are included in a CycloneDX SBOM by invoking `resource list`. -Customized JSON schemas can also be permanently configured as named schema "variants" within the utility's configuration file. See [adding schemas](#adding-schemas). +#### Resource supported output formats -#### Validate flags - -The following flags can be used to improve performance when formatting error output results: +This command supports the `--format` flag with any of the following values: -##### `--error-limit` flag +- `txt` (default), `csv`, `md` -Use the `--error-limit x` (default: `10`) flag to reduce the formatted error result output to the first `x` errors. By default, only the first 10 errors are output with an informational messaging indicating `x/y` errors were shown. +#### Resource result sorting -##### `--error-value` flag +Currently, all `resource list` command results are sorted by resource `type` then by resource `name` (required field). -Use the `--error-value=true|false` (default: `true`) flag to reduce the formatted error result output by not showing the `value` field which shows detailed information about the failing data in the BOM. +#### Resource Examples -##### `--colorize` flag +#### Example: resource list -Use the `--colorize=true|false` (default: `false`) flag to add/remove color formatting to error result `txt` formatted output. By default, `txt` formatted error output is colorized to help with human readability; for automated use, it can be turned off. +```bash +./sbom-utility resource list -i test/cyclonedx/cdx-1-3-resource-list.json --quiet +``` -#### Validate Examples +```bash +type name version bom-ref +---- ---- ------- ------- +component ACME Application 2.0.0 pkg:app/sample@1.0.0 +component Library A 1.0.0 pkg:lib/libraryA@1.0.0 +component Library B 1.0.0 pkg:lib/libraryB@1.0.0 +component Library C 1.0.0 pkg:lib/libraryC@1.0.0 +component Library D 1.0.0 pkg:lib/libraryD@1.0.0 +component Library E 1.0.0 pkg:lib/libraryE@1.0.0 +component Library F 1.0.0 pkg:lib/libraryF@1.0.0 +component Library G 1.0.0 pkg:lib/libraryG@1.0.0 +component Library H 1.0.0 pkg:lib/libraryH@1.0.0 +component Library J 1.0.0 pkg:lib/libraryJ@1.0.0 +component Library NoLicense 1.0.0 pkg:lib/libraryNoLicense@1.0.0 +service Bar service:example.com/myservices/bar +service Foo service:example.com/myservices/foo +``` -##### Example: Validate using inferred format and schema +##### Example: resource list using `--type service` -Validating the "juice shop" SBOM (CycloneDX 1.2) example provided in this repository. +This example uses the `type` flag to specific `service`. The other valid type is `component`. Future versions of CycloneDX schema will include more resource types such as "ml" (machine learning) or "tool". ```bash -./sbom-utility validate -i examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json +./sbom-utility resource list -i test/cyclonedx/cdx-1-3-resource-list.json --type service --quiet ``` ```bash -[INFO] Loading (embedded) default schema config file: `config.json`... -[INFO] Loading (embedded) default license policy file: `license.json`... -[INFO] Attempting to load and unmarshal data from: `examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json`... -[INFO] Successfully unmarshalled data from: `examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json` -[INFO] Determining file's BOM format and version... -[INFO] Determined BOM format, version (variant): `CycloneDX`, `1.2` (latest) -[INFO] Matching BOM schema (for validation): schema/cyclonedx/1.2/bom-1.2.schema.json -[INFO] Loading schema `schema/cyclonedx/1.2/bom-1.2.schema.json`... -[INFO] Schema `schema/cyclonedx/1.2/bom-1.2.schema.json` loaded. -[INFO] Validating `examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json`... -[INFO] BOM valid against JSON schema: `true` +type name version bom-ref +---- ---- ------- ------- +service Bar service:example.com/myservices/bar +service Foo service:example.com/myservices/foo ``` -You can also verify the [exit code](#exit-codes) from the validate command: +##### Example: list with `name` regex match + +This example uses the `where` filter on the `name` field. In this case we supply an exact "startswith" regex. for the `name` filter. ```bash -echo $? +./sbom-utility resource list -i test/cyclonedx/cdx-1-3-resource-list.json --where "name=Library A" --quiet ``` ```bash -0 // no error (valid) +type name version bom-ref +---- ---- ------- ------- +component Library A 1.0.0 pkg:lib/libraryA@1.0.0 ``` -#### Example: Validate using "custom" schema variants +--- -The validation command will use the declared format and version found within the SBOM JSON file itself to lookup the default (latest) matching schema version (as declared in`config.json`; however, if variants of that same schema (same format and version) are declared, they can be requested via the `--variant` command line flag: +### Schema + +You can verify which formats, schemas, versions and variants are available for validation by using the `schema` command: ```bash -./sbom-utility validate -i test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json --variant custom +./sbom-utility schema list ``` -If you run the sample command above, you would see several "custom" schema errors resulting in an invalid SBOM determination (i.e., `exit status 2`): +- **Note**: The `schema` command will default to the `list` subcommand if omitted. -```text -[INFO] Loading (embedded) default schema config file: `config.json`... -[INFO] Loading (embedded) default license policy file: `license.json`... -[INFO] Attempting to load and unmarshal data from: `test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json`... -[INFO] Successfully unmarshalled data from: `test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json` -[INFO] Determining file's BOM format and version... -[INFO] Determined BOM format, version (variant): `CycloneDX`, `1.4` custom -[INFO] Matching BOM schema (for validation): schema/test/bom-1.4-custom.schema.json -[INFO] Loading schema `schema/test/bom-1.4-custom.schema.json`... -[INFO] Schema `schema/test/bom-1.4-custom.schema.json` loaded. -[INFO] Validating `test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json`... -[INFO] BOM valid against JSON schema: `false` -[INFO] (3) schema errors detected. -[INFO] Formatting error results (`txt` format)... -1. { - "type": "contains", - "field": "metadata.properties", - "context": "(root).metadata.properties", - "description": "At least one of the items must match", - "value": [ - { - "name": "urn:example.com:disclaimer", - "value": "This SBOM is current as of the date it was generated." - }, - { - "name": "urn:example.com:classification", - "value": "This SBOM is Confidential Information. Do not distribute." - } - ] - } -2. { - "type": "const", - "field": "metadata.properties.0.value", - "context": "(root).metadata.properties.0.value", - "description": "metadata.properties.0.value does not match: \"This SBOM is current as of the date it was generated and is subject to change.\"", - "value": "This SBOM is current as of the date it was generated." - } -3. { - "type": "number_all_of", - "field": "metadata.properties", - "context": "(root).metadata.properties", - "description": "Must validate all the schemas (allOf)", - "value": [ - { - "name": "urn:example.com:disclaimer", - "value": "This SBOM is current as of the date it was generated." - }, - { - "name": "urn:example.com:classification", - "value": "This SBOM is Confidential Information. Do not distribute." - } - ] - } -[ERROR] invalid SBOM: schema errors found (test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json) -[INFO] document `test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json`: valid=[false] -``` +#### Schema supported output formats -confirming the exit code: +This command supports the `--format` flag with any of the following values: -```bash -echo $? -``` +- `txt` (default), `csv`, `md` + +#### Schema result sorting + +- Formatted results are sorted by `format` (ascending), `version` (descending) and `schema` (descending) + +#### Schema examples + +##### Example: schema list ```bash -2 // SBOM error +name variant format version file url +---- ------- ------ ------- ---- --- +CycloneDX v1.6 development CycloneDX 1.6 schema/cyclonedx/1.6/bom-1.6.schema.json https://raw.githubusercontent.com/CycloneDX/specification/1.6-dev/schema/bom-1.6.schema.json +CycloneDX v1.5 (latest) CycloneDX 1.5 schema/cyclonedx/1.5/bom-1.5.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.5.schema.json +CycloneDX v1.4 (latest) CycloneDX 1.4 schema/cyclonedx/1.4/bom-1.4.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.4.schema.json +CycloneDX v1.4 custom CycloneDX 1.4 schema/test/bom-1.4-custom.schema.json +CycloneDX v1.3 (latest) CycloneDX 1.3 schema/cyclonedx/1.3/bom-1.3.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.3.schema.json +CycloneDX v1.3 custom CycloneDX 1.3 schema/test/bom-1.3-custom.schema.json +CycloneDX v1.3 strict CycloneDX 1.3 schema/cyclonedx/1.3/bom-1.3-strict.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.3-strict.schema.json +CycloneDX v1.2 (latest) CycloneDX 1.2 schema/cyclonedx/1.2/bom-1.2.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.2.schema.json +CycloneDX v1.2 strict CycloneDX 1.2 schema/cyclonedx/1.2/bom-1.2-strict.schema.json https://raw.githubusercontent.com/CycloneDX/specification/master/schema/bom-1.2-strict.schema.json +SPDX v2.3 (latest) SPDX SPDX-2.3 schema/spdx/2.3/spdx-schema.json https://raw.githubusercontent.com/spdx/spdx-spec/development/v2.3/schemas/spdx-schema.json +SPDX v2.3.1 development SPDX SPDX-2.3 schema/spdx/2.3.1/spdx-schema.json https://raw.githubusercontent.com/spdx/spdx-spec/development/v2.3.1/schemas/spdx-schema.json +SPDX v2.2.2 (latest) SPDX SPDX-2.2 schema/spdx/2.2.2/spdx-schema.json https://raw.githubusercontent.com/spdx/spdx-spec/v2.2.2/schemas/spdx-schema.json +SPDX v2.2.1 2.2.1 SPDX SPDX-2.2 schema/spdx/2.2.1/spdx-schema.json https://raw.githubusercontent.com/spdx/spdx-spec/v2.2.1/schemas/spdx-schema.json ``` -##### Why validation failed +#### Adding schemas -The output shows a first schema error indicating the failing JSON object; in this case, +Entries for new or "custom" schemas can be added to the `config.json` file by adding a new schema entry and then will need to pass that file on the command line using the `--config-schema` flag. -- the CycloneDX `metadata.properties` field, which is a list of `property` objects. -- Found that a property with a `name` field with the value `"urn:example.com:disclaimer"` had an incorrect `value`. - - the `value` field SHOULD have had a constant value of `"This SBOM is current as of the date it was generated and is subject to change."` (as was required by the custom schema's regex). - - However, it was found to have only a partial match of `"This SBOM is current as of the date it was generated."`. +These new schema entries will tell the schema loader where to find the JSON schema file locally, relative to the utility's executable. -##### Details of the schema error +For details see the "[Adding SBOM formats, schema versions and variants](#adding-sbom-formats-schema-versions-and-variants)" section. -Use the `--debug` or `-d` flag to see all schema error details: +#### Embedding schemas -```bash -./sbom-utility validate -i test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json --variant custom -d -``` +If you wish to have the new schema *embedded in the executable*, simply add it to the project's `resources` subdirectory following the format and version-based directory structure. -The details include the full context of the failing `metadata.properties` object which also includes a `"urn:example.com:classification"` property: +--- -```bash -3. { - "type": "number_all_of", - "field": "metadata.properties", - "context": "(root).metadata.properties", - "description": "Must validate all the schemas (allOf)", - "value": [ - { - "name": "urn:example.com:disclaimer", - "value": "This SBOM is current as of the date it was generated." - }, - { - "name": "urn:example.com:classification", - "value": "This SBOM is Confidential Information. Do not distribute." - } - ] - } -``` +### Trim -#### Example: Validate using "JSON" format +This command is able to "trim" one or more JSON keys (fields) from specified JSON BOM documents effectively "pruning" the JSON document. This functionality helps consumers of large-sized BOMs that need to analyze specific types of data in large BOMs in reducing the BOM data to just what is needed for their use cases or needs. -The JSON format will provide an `array` of schema error results that can be post-processed as part of validation toolchain. +#### Trim supported output formats + +This command is used to output, using the [`--output-file` flag](#output-flag), a "trimmed" BOM in JSON format. + +- `json` (default) + +#### Trim flags + +Trim operates on a JSON BOM input file (see [`--input-file` flag](#input-flag)) and produces a trimmed JSON BOM output file using the following flags: + +##### Trim `--keys` flag + +A comma-separated list of JSON map keys. Similar to the [query command's `--select` flag](#query---select-flag) syntax. + +##### Trim `--from` flag + +A comma-separated list of JSON document paths using the same syntax as the [query command's `--from` flag](#query---from-flag). + +##### Trim `--normalize` flag + +A flag that normalizes the BOM data after trimming and prior to output. + +This flag has custom code that sorts all components, services, licenses, vulnerabilities, properties, external references, hashes and *most* other BOM data using custom comparators. + +Each comparator uses `required` fields and other identifying fields to create *"composite keys"* for each unique data structure. + +#### Trim examples + +The original BOM used for these examples can be found here: + +- [test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json](test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json) + +##### Example: Trim `properties` from entire JSON BOM + +Validating the "juice shop" SBOM (CycloneDX 1.2) example provided in this repository. ```bash -./sbom-utility validate -i test/validation/cdx-1-4-validate-err-components-unique-items-1.json --format json --quiet +./sbom-utility trim -i ./sbom-utility trim -i test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json --keys=properties ``` +Original BOM with `properties`: + ```json -[ +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "version": 1, + "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", + "components": [ { - "type": "unique", - "field": "components", - "context": "(root).components", - "description": "array items[1,2] must be unique", - "value": { - "type": "array", - "index": 1, - "item": { - "bom-ref": "pkg:npm/body-parser@1.19.0", - "description": "Node.js body parsing middleware", - "hashes": [ - { - "alg": "SHA-1", - "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" - } - ], - "licenses": [ - { - "license": { - "id": "MIT" - } - } - ], - "name": "body-parser", - "purl": "pkg:npm/body-parser@1.19.0", - "type": "library", - "version": "1.19.0" - } + "type": "library", + "bom-ref": "pkg:npm/sample@2.0.0", + "purl": "pkg:npm/sample@2.0.0", + "name": "sample", + "version": "2.0.0", + "description": "Node.js Sampler package", + "properties": [ + { + "name": "foo", + "value": "bar" } + ] }, { - "type": "unique", - "field": "components", - "context": "(root).components", - "description": "array items[2,4] must be unique", - "value": { - "type": "array", - "index": 2, - "item": { - "bom-ref": "pkg:npm/body-parser@1.19.0", - "description": "Node.js body parsing middleware", - "hashes": [ - { - "alg": "SHA-1", - "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" - } - ], - "licenses": [ - { - "license": { - "id": "MIT" - } - } - ], - "name": "body-parser", - "purl": "pkg:npm/body-parser@1.19.0", - "type": "library", - "version": "1.19.0" - } + "type": "library", + "bom-ref": "pkg:npm/body-parser@1.19.0", + "purl": "pkg:npm/body-parser@1.19.0", + "name": "body-parser", + "version": "1.19.0", + "description": "Node.js body parsing middleware", + "hashes": [ + { + "alg": "SHA-1", + "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" } + ] } -] -``` - -##### Reducing output size using `error-value=false` flag - -In many cases, BOMs may have many errors and having the `value` information details included can be too verbose and lead to large output files to inspect. In those cases, simply set the `error-value` flag to `false`. - -Rerunning the same command with this flag set to false yields a reduced set of information. - -```bash -./sbom-utility validate -i test/validation/cdx-1-4-validate-err-components-unique-items-1.json --format json --error-value=false --quiet -``` - -```json -[ - { - "type": "unique", - "field": "components", - "context": "(root).components", - "description": "array items[1,2] must be unique" - }, + ], + "properties": [ { - "type": "unique", - "field": "components", - "context": "(root).components", - "description": "array items[2,4] must be unique" + "name": "abc", + "value": "123" } -] + ] +} ``` ---- - -### Vulnerability - -This command will extract basic vulnerability report data from an SBOM that has a "vulnerabilities" list or from a standalone VEX in CycloneDX format. It includes the ability to filter reports data by applying regex to any of the named column data. - -#### Vulnerability supported output formats - -Use the `--format` flag on the to choose one of the supported output formats: - -- txt (default), csv, md - -#### Vulnerability result sorting +Output BOM results without `properties`: -- `txt`, `csv` and `md` formatted results are sorted by vulnerability `id` (descending) then by `created` date (descending). -- `json` results are not sorted - -#### Vulnerability Examples - -##### Example: Vulnerability list - -The `list` subcommand provides a complete view of most top-level, vulnerability fields. - -```bash -./sbom-utility vulnerability list -i test/vex/cdx-1-3-example1-bom-vex.json --quiet -``` - -```bash -id bom-ref cwe-ids cvss-severity source-name source-url published updated created rejected analysis-state analysis-justification description --- ------- ------- ------------- ----------- ---------- --------- ------- ------- -------- -------------- ---------------------- ----------- -CVE-2023-42004 502 CVSSv31: 7.5 (high) NVD https://nvd.nist.gov/vuln/detail/CVE-2023-42004 2023-10-02 2023-10-02 2023-10-02 UNDEFINED UNDEFINED In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization. -CVE-2023-42003 502 CVSSv31: 7.5 (high) NVD https://nvd.nist.gov/vuln/detail/CVE-2023-42003 2023-10-02 2023-10-02 2023-10-02 UNDEFINED UNDEFINED In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1 -CVE-2020-25649 611 CVSSv31: 7.5 (high), CVSSv31: 8.2 (high), CVSSv31: 0 (none) NVD https://nvd.nist.gov/vuln/detail/CVE-2020-25649 2020-12-03 2023-02-02 2020-12-03 not_affected code_not_reachable com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity. +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", + "version": 1, + "components": [ + { + "type": "library", + "bom-ref": "pkg:npm/sample@2.0.0", + "name": "sample", + "version": "2.0.0", + "description": "Node.js Sampler package", + "purl": "pkg:npm/sample@2.0.0" + }, + { + "type": "library", + "bom-ref": "pkg:npm/body-parser@1.19.0", + "name": "body-parser", + "version": "1.19.0", + "description": "Node.js body parsing middleware", + "hashes": [ + { + "alg": "SHA-1", + "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" + } + ], + "purl": "pkg:npm/body-parser@1.19.0" + } + ] +} ``` -###### Example: Vulnerability list summary - -This example shows the default text output from using the `--summary` flag: +##### Example: Trim `name` and `description` from entire JSON BOM ```bash -./sbom-utility vulnerability list -i test/vex/cdx-1-3-example1-bom-vex.json --quiet --summary +./sbom-utility trim -i test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json --keys=name,description --quiet ``` -```bash -id cvss-severity source-name published description --- ------------- ----------- --------- ----------- -CVE-2023-42004 CVSSv31: 7.5 (high) NVD 2023-10-02 In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization. -CVE-2023-42003 CVSSv31: 7.5 (high) NVD 2023-10-02 In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1 -CVE-2020-25649 CVSSv31: 7.5 (high) NVD 2020-12-03 com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity. +Output BOM results without `name` or `description`: + +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", + "version": 1, + "components": [ + { + "type": "library", + "bom-ref": "pkg:npm/sample@2.0.0", + "version": "2.0.0", + "purl": "pkg:npm/sample@2.0.0", + "properties": [ + { + "value": "bar" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:npm/body-parser@1.19.0", + "version": "1.19.0", + "hashes": [ + { + "alg": "SHA-1", + "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" + } + ], + "purl": "pkg:npm/body-parser@1.19.0" + } + ], + "properties": [ + { + "value": "123" + } + ] +} ``` -##### Example: Vulnerability list with `--where` filter with `description` key +##### Example: Trim `properties` from only `components` path ```bash -./sbom-utility vulnerability list -i test/vex/cdx-1-3-example1-bom-vex.json --quiet --where description=XXE +./sbom-utility trim -i test/trim/trim-cdx-1-5-sample-small-components-only.sbom.json --keys=properties --from components --quiet ``` -```bash -id bom-ref cwe-ids cvss-severity source-name source-url published updated created rejected analysis-state analysis-justification description --- ------- ------- ------------- ----------- ---------- --------- ------- ------- -------- -------------- ---------------------- ----------- -CVE-2020-25649 611 CVSSv31: 7.5 (high), CVSSv31: 8.2 (high), CVSSv31: 0 (none) NVD https://nvd.nist.gov/vuln/detail/CVE-2020-25649 2020-12-03 2023-02-02 2020-12-03 not_affected code_not_reachable com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity. +Output BOM results with `properties` removed from all `components`: + +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", + "version": 1, + "components": [ + { + "type": "library", + "bom-ref": "pkg:npm/sample@2.0.0", + "name": "sample", + "version": "2.0.0", + "description": "Node.js Sampler package", + "purl": "pkg:npm/sample@2.0.0" + }, + { + "type": "library", + "bom-ref": "pkg:npm/body-parser@1.19.0", + "name": "body-parser", + "version": "1.19.0", + "description": "Node.js body parsing middleware", + "hashes": [ + { + "alg": "SHA-1", + "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" + } + ], + "purl": "pkg:npm/body-parser@1.19.0" + } + ], + "properties": [ + { + "name": "abc", + "value": "123" + } + ] +} ``` -##### Example: Vulnerability list with `--where` filter with `analysis-state` key +--- -```bash -./sbom-utility vulnerability list -i test/vex/cdx-1-3-example1-bom-vex.json --quiet --where analysis-state=not_affected -``` +##### Example: Trim `bom-ref` and normalize output ```bash -id bom-ref cwe-ids cvss-severity source-name source-url published updated created rejected analysis-state analysis-justification description --- ------- ------- ------------- ----------- ---------- --------- ------- ------- -------- -------------- ---------------------- ----------- -CVE-2020-25649 611 CVSSv31: 7.5 (high), CVSSv31: 8.2 (high), CVSSv31: 0 (none) NVD https://nvd.nist.gov/vuln/detail/CVE-2020-25649 2020-12-03 2023-02-02 2020-12-03 not_affected code_not_reachable com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity. +./sbom-utility trim -i test/trim/trim-cdx-1-5-sample-components-normalize.sbom.json --keys="bom-ref" --normalize -q ``` ---- +**Note** If you do not want to remove any keys and simply normalize output, set keys to an empty string: `--keys=""`. -#### Completion +Use the trim command to remove all `bom-ref` fields and normalize output: -This command will generate command-line completion scripts, for the this utility, customized for various supported shells. +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "components": [ + { + "type": "library", + "bom-ref": "pkg:npm/sample@2.0.0", + "purl": "pkg:npm/sample@2.0.0", + "name": "sample", + "version": "2.0.0", + "licenses": [ + { + "license": { + "id": "GPL-2.0-or-later" + } + }, + { + "license": { + "id": "LGPL-2.0-or-later" + } + }, + { + "license": { + "id": "GPL-2.0-only" + } + } + ], + "properties": [ + { + "name": "moo", + "value": "cow" + }, + { + "name": "foo", + "value": "bar" + } + ] + }, + { + "type": "library", + "bom-ref": "pkg:npm/body-parser@1.19.0", + "purl": "pkg:npm/body-parser@1.19.0", + "name": "body-parser", + "version": "1.19.0", + "hashes": [ + { + "alg": "SHA-256", + "content": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" + }, + { + "alg": "SHA-1", + "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + }, + { + "license": { + "id": "Apache-2.0" + } + } + ], + "externalReferences": [ + { + "type": "website", + "url": "https://example.com/website" + }, + { + "type": "support", + "url": "https://example.com/support" + } + ] + } + ] +} +``` -The completion command can be invoked as follows: +Trimmed, normalized output: -```bash -./sbom_utility completion [shell] +```json +{ + "bomFormat": "CycloneDX", + "specVersion": "1.5", + "components": [ + { + "type": "library", + "name": "body-parser", + "version": "1.19.0", + "hashes": [ + { + "alg": "SHA-1", + "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" + }, + { + "alg": "SHA-256", + "content": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" + } + ], + "licenses": [ + { + "license": { + "id": "Apache-2.0" + } + }, + { + "license": { + "id": "MIT" + } + } + ], + "purl": "pkg:npm/body-parser@1.19.0", + "externalReferences": [ + { + "type": "support", + "url": "https://example.com/support" + }, + { + "type": "website", + "url": "https://example.com/website" + } + ] + }, + { + "type": "library", + "name": "sample", + "version": "2.0.0", + "licenses": [ + { + "license": { + "id": "GPL-2.0-only" + } + }, + { + "license": { + "id": "GPL-2.0-or-later" + } + }, + { + "license": { + "id": "LGPL-2.0-or-later" + } + } + ], + "purl": "pkg:npm/sample@2.0.0", + "properties": [ + { + "name": "foo", + "value": "bar" + }, + { + "name": "moo", + "value": "cow" + } + ] + } + ] +} ``` -where valid values for `shell` are: - -- bash -- fish -- powershell -- zsh - ---- - -### Help - -The utility supports the `help` command for the root command as well as any supported commands - -For example, to list top-level (root command) help which lists the supported "Available Commands": +### Validate -```bash -./sbom-utility help -``` +This command will parse standardized SBOMs and validate it against its declared format and version (e.g., SPDX 2.2, CycloneDX 1.4). Custom variants of standard JSON schemas can be used for validation by supplying the `--variant` name as a flag. Explicit JSON schemas can be specified using the `--force` flag. -A specific command-level help listing is also available. For example, you can access the help for the `validate` command: +#### Validate supported schemas -```bash -./sbom-utility help validate -``` +Use the [schema](#schema) command to list supported schemas formats, versions and variants. ---- +Customized JSON schemas can also be permanently configured as named schema "variants" within the utility's configuration file. See [adding schemas](#adding-schemas). -## Experimental Commands +#### Validate flags -This section contains *experimental* commands that will be promoted once vetted by the community over two or more point releases. +The following flags can be used to improve performance when formatting error output results: -### Diff +##### `--error-limit` flag -This *experimental* command will compare two *similar* BOMs and return the delta (or "diff") in JSON (diff-patch format) or text. This functionality is based upon code ancestral to that used to report file diffs between `git commit`s. +Use the `--error-limit x` (default: `10`) flag to reduce the formatted error result output to the first `x` errors. By default, only the first 10 errors are output with an informational messaging indicating `x/y` errors were shown. -##### Notes +##### `--error-value` flag -- This command is undergoing analysis and tests which are exposing some underlying issues around "moved" objects in dependent diff-patch packages that may not be fixable and have no alternatives. - - *Specifically, the means by which "moved" objects are assigned "similarity" scores appears flawed in the case of JSON.* - - *Additionally, some of the underlying code relies upon Go maps which do not preserve key ordering.* +Use the `--error-value=true|false` (default: `true`) flag to reduce the formatted error result output by not showing the `value` field which shows detailed information about the failing data in the BOM. -#### Diff supported output formats +##### `--colorize` flag -Use the `--format` flag on the to choose one of the supported output formats: +Use the `--colorize=true|false` (default: `false`) flag to add/remove color formatting to error result `txt` formatted output. By default, `txt` formatted error output is colorized to help with human readability; for automated use, it can be turned off. -- txt (default), json +#### Validate Examples -#### Diff Examples +##### Example: Validate using inferred format and schema -##### Example: Add, delete and modify +Validating the "juice shop" SBOM (CycloneDX 1.2) example provided in this repository. ```bash -./sbom-utility diff -i test/diff/json-array-order-change-with-add-and-delete-base.json -r test/diff/json-array-order-change-with-add-and-delete-delta.json --quiet --format txt --colorize=true +./sbom-utility validate -i examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json ``` ```bash - { - "licenses": [ - 0: { - "license": { -- "id": "Apache-1.0" -+ "id": "GPL-2.0" - } - }, --+ 2=>1: { --+ "license": { --+ "id": "GPL-3.0-only" --+ } --+ }, - 2: { - "license": { - "id": "GPL-3.0-only" - } - }, - 3: { - "license": { - "id": "MIT" - } - } - ] - } +[INFO] Loading (embedded) default schema config file: `config.json`... +[INFO] Loading (embedded) default license policy file: `license.json`... +[INFO] Attempting to load and unmarshal data from: `examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json`... +[INFO] Successfully unmarshalled data from: `examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json` +[INFO] Determining file's BOM format and version... +[INFO] Determined BOM format, version (variant): `CycloneDX`, `1.2` (latest) +[INFO] Matching BOM schema (for validation): schema/cyclonedx/1.2/bom-1.2.schema.json +[INFO] Loading schema `schema/cyclonedx/1.2/bom-1.2.schema.json`... +[INFO] Schema `schema/cyclonedx/1.2/bom-1.2.schema.json` loaded. +[INFO] Validating `examples/cyclonedx/SBOM/juice-shop-11.1.2/bom.json`... +[INFO] BOM valid against JSON schema: `true` ``` ---- - -### Patch - -This *experimental* command is able to "patch" an existing JSON BOM document using an [IETF RFC6902](https://datatracker.ietf.org/doc/html/rfc6902/#section-4.1) *"JavaScript Object Notation (JSON) Patch"* file. - -The current implementation supports the following "patch" operations: - -- "add", "update", "remove" and "test" - -At this time the "move" or "copy" operations are not supported. - -Patches work for both simple (i.e., integer, float, boolean and string) values as well as complex values such as JSON objects, maps and arrays. - -#### Patch supported output formats - -This command is used to output, using the [`--output-file` flag](#output-flag), a "patched" BOM in JSON format. - -- `json` (default) - -#### Patch flags - -The patch command operates on a JSON BOM input file (see [`--input-file` flag](#input-flag)) as well as an [IETF RFC6902](https://datatracker.ietf.org/doc/html/rfc6902/#section-4.1)-formatted "patch' file and produces a "patched" version of the input JSON BOM as output using the following flags: - -##### Patch `--patch-filename` flag - -The `--patch-file ` flag is used to provide the relative path to the IETF RFC6902 patch file to applied to the BOM input file. - -#### Patch examples - -This section contains examples of all supported patch operations (i.e., add, replace, test) including values that are primitives (i.e., `numbers`, `strings`) as well as JSON `objects` and may be indexed JSON `array` elements. - -- ["add" BOM `serialNumber`](#patch-example-1-add-bom-serialnumber) -- ["add" (update) BOM `version`](#patch-example-2-add-update-bom-version) -- ["add" `supplier` object to `metadata`](#patch-example-3-add-supplier-object-to-metadata-object) -- ["add" `property` objects to `metadata.properties` array](#patch-example-4-add-property-objects-to-metadataproperties-array) -- ["replace" `version` and `timestamp` values](#patch-example-5-replace-bom-version-and-timestamp) -- ["remove" `property` from the `metadata.properties` array](#patch-example-6-remove-property-from-the-metadataproperties-array) -- ["test" if a `property` exists in the `metadata.properties` array](#patch-example-7-test-property-exists-in-the-metadataproperties-array) - -##### Patch example 1: "add" BOM `serialNumber` - -This example adds a new top-level key `"serialNumber"` and corresponding value to a CycloneDX JSON BOM file. - -The original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json) has no serial number: +You can also verify the [exit code](#exit-codes) from the validate command: -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - ... - } -} +```bash +echo $? ``` -IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-add-serial-number.json](test/patch/cdx-patch-example-add-serial-number.json): - -```json -[ - { "op": "add", "path": "/serialNumber", "value": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9" } -] +```bash +0 // no error (valid) ``` -Invoke the patch command as follows: +#### Example: Validate using "custom" schema variants + +The validation command will use the declared format and version found within the SBOM JSON file itself to lookup the default (latest) matching schema version (as declared in`config.json`; however, if variants of that same schema (same format and version) are declared, they can be requested via the `--variant` command line flag: ```bash -./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-add-serial-number.json -q +./sbom-utility validate -i test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json --variant custom ``` -Patched JSON BOM output file: +If you run the sample command above, you would see several "custom" schema errors resulting in an invalid SBOM determination (i.e., `exit status 2`): -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "serialNumber": "urn:uuid:1a2b3c4d-1234-abcd-9876-a3b4c5d6e7f9", - "version": 1, - "metadata": { - ... +```text +[INFO] Loading (embedded) default schema config file: `config.json`... +[INFO] Loading (embedded) default license policy file: `license.json`... +[INFO] Attempting to load and unmarshal data from: `test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json`... +[INFO] Successfully unmarshalled data from: `test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json` +[INFO] Determining file's BOM format and version... +[INFO] Determined BOM format, version (variant): `CycloneDX`, `1.4` custom +[INFO] Matching BOM schema (for validation): schema/test/bom-1.4-custom.schema.json +[INFO] Loading schema `schema/test/bom-1.4-custom.schema.json`... +[INFO] Schema `schema/test/bom-1.4-custom.schema.json` loaded. +[INFO] Validating `test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json`... +[INFO] BOM valid against JSON schema: `false` +[INFO] (3) schema errors detected. +[INFO] Formatting error results (`txt` format)... +1. { + "type": "contains", + "field": "metadata.properties", + "context": "(root).metadata.properties", + "description": "At least one of the items must match", + "value": [ + { + "name": "urn:example.com:disclaimer", + "value": "This SBOM is current as of the date it was generated." + }, + { + "name": "urn:example.com:classification", + "value": "This SBOM is Confidential Information. Do not distribute." + } + ] } -} -``` - -##### Patch example 2: "add" (update) BOM `version` - -This example shows how the patch's "add" operation can be used to update existing values which is the specified behavior of RFC6902. - -Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json) with `version` equal to `1`: - -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - ... - } -} +2. { + "type": "const", + "field": "metadata.properties.0.value", + "context": "(root).metadata.properties.0.value", + "description": "metadata.properties.0.value does not match: \"This SBOM is current as of the date it was generated and is subject to change.\"", + "value": "This SBOM is current as of the date it was generated." + } +3. { + "type": "number_all_of", + "field": "metadata.properties", + "context": "(root).metadata.properties", + "description": "Must validate all the schemas (allOf)", + "value": [ + { + "name": "urn:example.com:disclaimer", + "value": "This SBOM is current as of the date it was generated." + }, + { + "name": "urn:example.com:classification", + "value": "This SBOM is Confidential Information. Do not distribute." + } + ] + } +[ERROR] invalid SBOM: schema errors found (test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json) +[INFO] document `test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json`: valid=[false] ``` -IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-add-serial-number.json](test/patch/cdx-patch-example-add-serial-number.json): +confirming the exit code: -```json -[ - { "op": "add", "path": "/version", "value": 2 } -] +```bash +echo $? ``` -Invoke the patch command as follows: - ```bash -./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-add-update-version.json -q +2 // SBOM error ``` -The patched, output JSON BOM file which has the changed `version` value of `2`: +##### Why validation failed -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 2, - "metadata": { - ... - } -} -``` +The output shows a first schema error indicating the failing JSON object; in this case, -##### Patch example 3: "add" `supplier` object to `metadata` object +- the CycloneDX `metadata.properties` field, which is a list of `property` objects. +- Found that a property with a `name` field with the value `"urn:example.com:disclaimer"` had an incorrect `value`. + - the `value` field SHOULD have had a constant value of `"This SBOM is current as of the date it was generated and is subject to change."` (as was required by the custom schema's regex). + - However, it was found to have only a partial match of `"This SBOM is current as of the date it was generated."`. -This example shows how the patch's "add" operation can be used to add a JSON object to an existing object. +##### Details of the schema error -Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): +Use the `--debug` or `-d` flag to see all schema error details: -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - "timestamp": "2023-10-12T19:07:00Z", - "properties": [ - ... - ] - } -} +```bash +./sbom-utility validate -i test/custom/cdx-1-4-test-custom-metadata-property-disclaimer-invalid.json --variant custom -d ``` -Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-add-metadata-supplier.json](test/patch/cdx-patch-example-add-metadata-supplier.json): +The details include the full context of the failing `metadata.properties` object which also includes a `"urn:example.com:classification"` property: -```json -[ - { "op": "add", "path": "/metadata/supplier", "value": { - "name": "Example Co. Distribution Dept.", - "url": [ - "https://example.com/software/" - ] +```bash +3. { + "type": "number_all_of", + "field": "metadata.properties", + "context": "(root).metadata.properties", + "description": "Must validate all the schemas (allOf)", + "value": [ + { + "name": "urn:example.com:disclaimer", + "value": "This SBOM is current as of the date it was generated." + }, + { + "name": "urn:example.com:classification", + "value": "This SBOM is Confidential Information. Do not distribute." + } + ] } - } -] ``` -Invoke the patch command as follows: +#### Example: Validate using "JSON" format + +The JSON format will provide an `array` of schema error results that can be post-processed as part of validation toolchain. ```bash -./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-add-metadata-supplier.json -q +./sbom-utility validate -i test/validation/cdx-1-4-validate-err-components-unique-items-1.json --format json --quiet ``` -The patched BOM has the `supplier` object added to the `metadata`: - ```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - "timestamp": "2023-10-12T19:07:00Z", - "supplier": { - "name": "Example Co. Distribution Dept.", - "url": [ - "https://example.com/software/" - ] - }, - "properties": [ - ... - ] +[ + { + "type": "unique", + "field": "components", + "context": "(root).components", + "description": "array items[1,2] must be unique", + "value": { + "type": "array", + "index": 1, + "item": { + "bom-ref": "pkg:npm/body-parser@1.19.0", + "description": "Node.js body parsing middleware", + "hashes": [ + { + "alg": "SHA-1", + "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "name": "body-parser", + "purl": "pkg:npm/body-parser@1.19.0", + "type": "library", + "version": "1.19.0" + } + } + }, + { + "type": "unique", + "field": "components", + "context": "(root).components", + "description": "array items[2,4] must be unique", + "value": { + "type": "array", + "index": 2, + "item": { + "bom-ref": "pkg:npm/body-parser@1.19.0", + "description": "Node.js body parsing middleware", + "hashes": [ + { + "alg": "SHA-1", + "content": "96b2709e57c9c4e09a6fd66a8fd979844f69f08a" + } + ], + "licenses": [ + { + "license": { + "id": "MIT" + } + } + ], + "name": "body-parser", + "purl": "pkg:npm/body-parser@1.19.0", + "type": "library", + "version": "1.19.0" + } + } } -} +] ``` -##### Patch example 4: "add" `property` objects to `metadata.properties` array +##### Reducing output size using `error-value=false` flag -This example shows how the patch's "add" operation can be used to add `property` objects to an existing `properties` array. +In many cases, BOMs may have many errors and having the `value` information details included can be too verbose and lead to large output files to inspect. In those cases, simply set the `error-value` flag to `false`. -Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): +Rerunning the same command with this flag set to false yields a reduced set of information. -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - "timestamp": "2023-10-12T19:07:00Z", - "properties": [ - { - "name": "Property 1", - "value": "Value 1" - }, - { - "name": "Property 2", - "value": "Value 2" - } - ] - } -} +```bash +./sbom-utility validate -i test/validation/cdx-1-4-validate-err-components-unique-items-1.json --format json --error-value=false --quiet ``` -Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-add-metadata-properties.json](test/patch/cdx-patch-example-add-metadata-properties.json): - ```json [ - { "op": "add", "path": "/metadata/properties/-", "value": { "name": "foo", "value": "bar" } }, - { "op": "add", "path": "/metadata/properties/1", "value": { "name": "rush", "value": "yyz" } } + { + "type": "unique", + "field": "components", + "context": "(root).components", + "description": "array items[1,2] must be unique" + }, + { + "type": "unique", + "field": "components", + "context": "(root).components", + "description": "array items[2,4] must be unique" + } ] ``` -Note that the first patch record uses the `-` (dash) to indicate "insert at end" whereas the second patch record has the zero-based array index `1`. +--- -Invoke the patch command as follows: +### Vulnerability -```bash -./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-add-metadata-properties.json -q -``` +This command will extract basic vulnerability report data from an SBOM that has a "vulnerabilities" list or from a standalone VEX in CycloneDX format. It includes the ability to filter reports data by applying regex to any of the named column data. -The patched, output BOM has the two new properties at the specified indices: +#### Vulnerability supported output formats -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - "timestamp": "2023-10-12T19:07:00Z", - "properties": [ - { - "name": "Property 1", - "value": "Value 1" - }, - { - "name": "rush", - "value": "yyz" - }, - { - "name": "Property 2", - "value": "Value 2" - }, - { - "name": "foo", - "value": "bar" - } - ] - } -} +Use the `--format` flag on the to choose one of the supported output formats: + +- txt (default), csv, md + +#### Vulnerability result sorting + +- `txt`, `csv` and `md` formatted results are sorted by vulnerability `id` (descending) then by `created` date (descending). +- `json` results are not sorted + +#### Vulnerability Examples + +##### Example: Vulnerability list + +The `list` subcommand provides a complete view of most top-level, vulnerability fields. + +```bash +./sbom-utility vulnerability list -i test/vex/cdx-1-3-example1-bom-vex.json --quiet ``` -##### Patch example 5: "replace" BOM `version` and `timestamp` +```bash +id bom-ref cwe-ids cvss-severity source-name source-url published updated created rejected analysis-state analysis-justification description +-- ------- ------- ------------- ----------- ---------- --------- ------- ------- -------- -------------- ---------------------- ----------- +CVE-2023-42004 502 CVSSv31: 7.5 (high) NVD https://nvd.nist.gov/vuln/detail/CVE-2023-42004 2023-10-02 2023-10-02 2023-10-02 UNDEFINED UNDEFINED In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization. +CVE-2023-42003 502 CVSSv31: 7.5 (high) NVD https://nvd.nist.gov/vuln/detail/CVE-2023-42003 2023-10-02 2023-10-02 2023-10-02 UNDEFINED UNDEFINED In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1 +CVE-2020-25649 611 CVSSv31: 7.5 (high), CVSSv31: 8.2 (high), CVSSv31: 0 (none) NVD https://nvd.nist.gov/vuln/detail/CVE-2020-25649 2020-12-03 2023-02-02 2020-12-03 not_affected code_not_reachable com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity. +``` -This example shows how the patch's "replace" operation can be used to update the BOM document's `version` and `timestamp` values. +###### Example: Vulnerability list summary -Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): +This example shows the default text output from using the `--summary` flag: -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - "timestamp": "2023-10-12T19:07:00Z", - "properties": [ - ... - ] - } -} +```bash +./sbom-utility vulnerability list -i test/vex/cdx-1-3-example1-bom-vex.json --quiet --summary ``` -Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-replace-version-timestamp.json](test/patch/cdx-patch-example-replace-version-timestamp.json): - -```json -[ - { "op": "replace", "path": "/version", "value": 2 }, - { "op": "replace", "path": "/metadata/timestamp", "value": "2024-01-24T22:50:18+00:00" } -] +```bash +id cvss-severity source-name published description +-- ------------- ----------- --------- ----------- +CVE-2023-42004 CVSSv31: 7.5 (high) NVD 2023-10-02 In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization. +CVE-2023-42003 CVSSv31: 7.5 (high) NVD 2023-10-02 In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1 +CVE-2020-25649 CVSSv31: 7.5 (high) NVD 2020-12-03 com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity. ``` -Invoke the patch command as follows: +##### Example: Vulnerability list with `--where` filter with `description` key ```bash -./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-replace-version-timestamp.json -q +./sbom-utility vulnerability list -i test/vex/cdx-1-3-example1-bom-vex.json --quiet --where description=XXE ``` -The patched, output BOM has both an updated `version` and `timestamp`: +```bash +id bom-ref cwe-ids cvss-severity source-name source-url published updated created rejected analysis-state analysis-justification description +-- ------- ------- ------------- ----------- ---------- --------- ------- ------- -------- -------------- ---------------------- ----------- +CVE-2020-25649 611 CVSSv31: 7.5 (high), CVSSv31: 8.2 (high), CVSSv31: 0 (none) NVD https://nvd.nist.gov/vuln/detail/CVE-2020-25649 2020-12-03 2023-02-02 2020-12-03 not_affected code_not_reachable com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity. +``` -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 2, - "metadata": { - "timestamp": "2024-01-24T22:50:18+00:00", - "properties": [ - ... - } -} +##### Example: Vulnerability list with `--where` filter with `analysis-state` key + +```bash +./sbom-utility vulnerability list -i test/vex/cdx-1-3-example1-bom-vex.json --quiet --where analysis-state=not_affected ``` -##### Patch example 6: "remove" `property` from the `metadata.properties` array +```bash +id bom-ref cwe-ids cvss-severity source-name source-url published updated created rejected analysis-state analysis-justification description +-- ------- ------- ------------- ----------- ---------- --------- ------- ------- -------- -------------- ---------------------- ----------- +CVE-2020-25649 611 CVSSv31: 7.5 (high), CVSSv31: 8.2 (high), CVSSv31: 0 (none) NVD https://nvd.nist.gov/vuln/detail/CVE-2020-25649 2020-12-03 2023-02-02 2020-12-03 not_affected code_not_reachable com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A flaw was found in FasterXML Jackson Databind, where it does not have entity expansion secured properly in the DOMDeserializer class. The highest threat from this vulnerability is data integrity. +``` -This example shows how the patch's "remove" operation can be used to remove a `property` object from the `metadata.properties` array using an index. +--- -Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): +#### Completion -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - "timestamp": "2023-10-12T19:07:00Z", - "properties": [ - { - "name": "Property 1", - "value": "Value 1" - }, - { - "name": "Property 2", - "value": "Value 2" - } - ] - } -} -``` +This command will generate command-line completion scripts, for the this utility, customized for various supported shells. -Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-remove-metadata-property.json](test/patch/cdx-patch-example-remove-metadata-property.json): +The completion command can be invoked as follows: -```json -[ - { "op": "remove", "path": "/metadata/properties/1" } -] +```bash +./sbom_utility completion [shell] ``` -Invoke the patch command as follows: +where valid values for `shell` are: + +- bash +- fish +- powershell +- zsh + +--- + +### Help + +The utility supports the `help` command for the root command as well as any supported commands + +For example, to list top-level (root command) help which lists the supported "Available Commands": ```bash -./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-remove-metadata-property.json -q +./sbom-utility help ``` -The `property` at index `1` of the `metadata.properties` array has been removed: +A specific command-level help listing is also available. For example, you can access the help for the `validate` command: -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - "timestamp": "2023-10-12T19:07:00Z", - "properties": [ - { - "name": "Property 1", - "value": "Value 1" - } - ] - } -} +```bash +./sbom-utility help validate ``` -##### Patch example 7: "test" `property` exists in the `metadata.properties` array +--- -This example shows how the patch records's can "test" for values or objects in a BOM. The utility will confirm "success" (using an `[INFO]` log message); otherwise, the utility will exit and return an error and generate an `[ERROR]` log message. +## Experimental Commands -Original CycloneDX JSON BOM file: [test/patch/cdx-1-5-simplest-base.json](test/patch/cdx-1-5-simplest-base.json): +This section contains *experimental* commands that will be promoted once vetted by the community over two or more point releases. -```json -{ - "bomFormat": "CycloneDX", - "specVersion": "1.5", - "version": 1, - "metadata": { - "timestamp": "2023-10-12T19:07:00Z", - "properties": [ - { - "name": "Property 1", - "value": "Value 1" - }, - { - "name": "Property 2", - "value": "Value 2" - } - ] - } -} -``` +### Diff -Apply the following IETF RFC6902 JSON Patch file: [test/patch/cdx-patch-example-test-metadata-property.json](test/patch/cdx-patch-example-test-metadata-property.json): +This *experimental* command will compare two *similar* BOMs and return the delta (or "diff") in JSON (diff-patch format) or text. This functionality is based upon code ancestral to that used to report file diffs between `git commit`s. -```json -[ - { "op": "test", "path": "/metadata/properties/1", "value": - { - "name": "Property 2", - "value": "Value 2" - } - } -] -``` +##### Notes -Invoke the patch command as follows: +- This command is undergoing analysis and tests which are exposing some underlying issues around "moved" objects in dependent diff-patch packages that may not be fixable and have no alternatives. + - *Specifically, the means by which "moved" objects are assigned "similarity" scores appears flawed in the case of JSON.* + - *Additionally, some of the underlying code relies upon Go maps which do not preserve key ordering.* -```bash -./sbom-utility patch --input-file test/patch/cdx-1-5-simplest-base.json --patch-file test/patch/cdx-patch-example-test-metadata-property.json -q -``` +#### Diff supported output formats -An informational (i.e., `[INFO]`) message is logged with `success` since the property object was found in the input BOM: +Use the `--format` flag on the to choose one of the supported output formats: -```json -[INFO] IETF RFC6902 test operation success. test record: { - "op": "test", - "path": "/metadata/properties/1", - "value": { - "name": "Property 2", - "value": "Value 2" - } -} -``` +- txt (default), json -If instead, we [tested for a different property](test/patch/cdx-patch-example-test-metadata-property-err.json) object: +#### Diff Examples -```json -[ - { "op": "test", "path": "/metadata/properties/1", "value": - { - "name": "Property 3", - "value": "Value 3" - } - } -] -``` +##### Example: Add, delete and modify -an error (i.e., `[ERROR]`) would be returned from the utility: +```bash +./sbom-utility diff -i test/diff/json-array-order-change-with-add-and-delete-base.json -r test/diff/json-array-order-change-with-add-and-delete-delta.json --quiet --format txt --colorize=true +``` -```json -[ERROR] IETF RFC6902 test operation error. test record: { - "op": "test", - "path": "/metadata/properties/1", - "value": { - "name": "Property 3", - "value": "Value 3" - } -} +```bash + { + "licenses": [ + 0: { + "license": { +- "id": "Apache-1.0" ++ "id": "GPL-2.0" + } + }, +-+ 2=>1: { +-+ "license": { +-+ "id": "GPL-3.0-only" +-+ } +-+ }, + 2: { + "license": { + "id": "GPL-3.0-only" + } + }, + 3: { + "license": { + "id": "MIT" + } + } + ] + } ``` --- diff --git a/cmd/component.go b/cmd/component.go new file mode 100644 index 00000000..5b17d271 --- /dev/null +++ b/cmd/component.go @@ -0,0 +1,389 @@ +// SPDX-License-Identifier: Apache-2.0 +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package cmd + +import ( + "encoding/csv" + "fmt" + "io" + "sort" + "strings" + "text/tabwriter" + + "github.com/CycloneDX/sbom-utility/common" + "github.com/CycloneDX/sbom-utility/schema" + "github.com/CycloneDX/sbom-utility/utils" + "github.com/jwangsadinata/go-multimap" + "github.com/spf13/cobra" +) + +const ( + SUBCOMMAND_COMPONENT_LIST = "list" +) + +var VALID_SUBCOMMANDS_COMPONENT = []string{SUBCOMMAND_COMPONENT_LIST} + +var COMPONENT_LIST_ROW_DATA = []ColumnFormatData{ + *NewColumnFormatData(COMPONENT_FILTER_KEY_TYPE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(COMPONENT_FILTER_KEY_NAME, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(COMPONENT_FILTER_KEY_VERSION, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(COMPONENT_FILTER_KEY_BOMREF, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, REPORT_REPLACE_LINE_FEEDS_TRUE), +} + +// filter keys +// Note: these string values MUST match annotations for the ComponentInfo struct fields +// Type string `json:"type"` +// Publisher string `json:"publisher,omitempty"` +// Scope string `json:"scope,omitempty"` +// Copyright string `json:"copyright,omitempty"` +// Cpe string `json:"cpe,omitempty"` // See: https://nvd.nist.gov/products/cpe +// Purl string `json:"purl,omitempty" scvs:"bom:resource:identifiers:purl"` // See: https://github.com/package-url/purl-spec +// Swid *CDXSwid `json:"swid,omitempty"` +const ( + COMPONENT_FILTER_KEY_TYPE = "type" + COMPONENT_FILTER_KEY_NAME = "name" + COMPONENT_FILTER_KEY_VERSION = "version" + COMPONENT_FILTER_KEY_BOMREF = "bom-ref" +) + +var VALID_COMPONENT_FILTER_KEYS = []string{ + COMPONENT_FILTER_KEY_TYPE, + COMPONENT_FILTER_KEY_NAME, + COMPONENT_FILTER_KEY_VERSION, + COMPONENT_FILTER_KEY_BOMREF, +} + +// Flags. Reuse query flag values where possible +const ( + FLAG_COMPONENT_TYPE = "type" + FLAG_COMPONENT_TYPE_HELP = "filter output by component type(s)" +) + +const ( + MSG_OUTPUT_NO_COMPONENTS_FOUND = "[WARN] no matching components found for query" +) + +// Command help formatting +const ( + FLAG_COMPONENT_OUTPUT_FORMAT_HELP = "format output using the specified type" +) + +var COMPONENT_LIST_OUTPUT_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_HELP + + strings.Join([]string{FORMAT_TEXT, FORMAT_CSV, FORMAT_MARKDOWN}, ", ") + +func NewCommandComponent() *cobra.Command { + var command = new(cobra.Command) + command.Use = CMD_USAGE_COMPONENT_LIST + command.Short = "Report on components found in the BOM input file" + command.Long = "Report on components found in the BOM input file" + command.Flags().StringVarP(&utils.GlobalFlags.PersistentFlags.OutputFormat, FLAG_FILE_OUTPUT_FORMAT, "", FORMAT_TEXT, + FLAG_COMPONENT_OUTPUT_FORMAT_HELP+COMPONENT_LIST_OUTPUT_SUPPORTED_FORMATS) + command.Flags().StringP(FLAG_COMPONENT_TYPE, "", "", FLAG_COMPONENT_TYPE_HELP) + command.Flags().StringP(FLAG_REPORT_WHERE, "", "", FLAG_REPORT_WHERE_HELP) + command.RunE = componentCmdImpl + command.ValidArgs = VALID_SUBCOMMANDS_COMPONENT + command.PreRunE = func(cmd *cobra.Command, args []string) (err error) { + // the command requires at least 1 valid subcommand (argument) + if len(args) > 1 { + return getLogger().Errorf("Too many arguments provided: %v", args) + } + + // Make sure (optional) subcommand is known/valid + if len(args) == 1 { + if !preRunTestForSubcommand(VALID_SUBCOMMANDS_COMPONENT, args[0]) { + return getLogger().Errorf("Subcommand provided is not valid: `%v`", args[0]) + } + } + + if len(args) == 0 { + getLogger().Tracef("No subcommands provided; defaulting to: `%s` subcommand", SUBCOMMAND_SCHEMA_LIST) + } + + // Test for required flags (parameters) + err = preRunTestForInputFile(args) + + return + } + return command +} + +func componentCmdImpl(cmd *cobra.Command, args []string) (err error) { + getLogger().Enter(args) + defer getLogger().Exit() + + // Create output writer + outputFilename := utils.GlobalFlags.PersistentFlags.OutputFile + outputFile, writer, err := createOutputFile(outputFilename) + getLogger().Tracef("outputFile: `%v`; writer: `%v`", outputFilename, writer) + + // use function closure to assure consistent error output based upon error type + defer func() { + // always close the output file + if outputFile != nil { + outputFile.Close() + getLogger().Infof("Closed output file: `%s`", outputFilename) + } + }() + + // process filters supplied on the --where command flag + whereFilters, err := processWhereFlag(cmd) + + if err == nil { + err = ListComponents(writer, utils.GlobalFlags.PersistentFlags, whereFilters) + } + + return +} + +// Assure all errors are logged +func processComponentListResults(err error) { + if err != nil { + // No special processing at this time + getLogger().Error(err) + } +} + +// NOTE: resourceType has already been validated +func ListComponents(writer io.Writer, persistentFlags utils.PersistentCommandFlags, whereFilters []common.WhereFilter) (err error) { + getLogger().Enter() + defer getLogger().Exit() + + // use function closure to assure consistent error output based upon error type + defer func() { + if err != nil { + processComponentListResults(err) + } + }() + + // Note: returns error if either file load or unmarshal to JSON map fails + var document *schema.BOM + document, err = LoadInputBOMFileAndDetectSchema() + + if err != nil { + return + } + + // Hash all licenses within input file + getLogger().Infof("Scanning document for licenses...") + err = loadDocumentComponents(document, whereFilters) + + if err != nil { + return + } + + format := persistentFlags.OutputFormat + getLogger().Infof("Outputting listing (`%s` format)...", format) + switch format { + case FORMAT_TEXT: + err = DisplayComponentListText(document, writer) + case FORMAT_CSV: + err = DisplayComponentListCSV(document, writer) + case FORMAT_MARKDOWN: + err = DisplayComponentListMarkdown(document, writer) + default: + // Default to Text output for anything else (set as flag default) + getLogger().Warningf("Listing not supported for `%s` format; defaulting to `%s` format...", + format, FORMAT_TEXT) + err = DisplayComponentListText(document, writer) + } + return +} + +func loadDocumentComponents(document *schema.BOM, whereFilters []common.WhereFilter) (err error) { + getLogger().Enter() + defer getLogger().Exit(err) + + // At this time, fail SPDX format SBOMs as "unsupported" (for "any" format) + if !document.FormatInfo.IsCycloneDx() { + err = schema.NewUnsupportedFormatForCommandError( + document.FormatInfo.CanonicalName, + document.GetFilename(), + CMD_LICENSE, FORMAT_ANY) + return + } + + // Before looking for license data, fully unmarshal the SBOM into named structures + if err = document.UnmarshalCycloneDXBOM(); err != nil { + return + } + + // Add top-level SBOM component + err = document.HashmapComponentResources(whereFilters) + if err != nil { + return + } + + return +} + +func sortComponents(entries []multimap.Entry) { + // Sort by Type then Name + sort.Slice(entries, func(i, j int) bool { + resource1 := (entries[i].Value).(schema.CDXResourceInfo) + resource2 := (entries[j].Value).(schema.CDXResourceInfo) + if resource1.ResourceType != resource2.ResourceType { + return resource1.ResourceType < resource2.ResourceType + } + return resource1.Name < resource2.Name + }) +} + +// NOTE: This list is NOT de-duplicated +// TODO: Add a --no-title flag to skip title output +func DisplayComponentListText(bom *schema.BOM, writer io.Writer) (err error) { + getLogger().Enter() + defer getLogger().Exit() + + // initialize tabwriter + w := new(tabwriter.Writer) + defer w.Flush() + + // min-width, tab-width, padding, pad-char, flags + w.Init(writer, 8, 2, 2, ' ', 0) + + // create title row and underline row from slices of optional and compulsory titles + titles, underlines := prepareReportTitleData(COMPONENT_LIST_ROW_DATA, true) + + // Add tabs between column titles for the tabWRiter + fmt.Fprintf(w, "%s\n", strings.Join(titles, "\t")) + fmt.Fprintf(w, "%s\n", strings.Join(underlines, "\t")) + + // Display a warning "missing" in the actual output and return (short-circuit) + entries := bom.ResourceMap.Entries() + + // Emit no license warning into output + if len(entries) == 0 { + fmt.Fprintf(w, "%s\n", MSG_OUTPUT_NO_RESOURCES_FOUND) + return + } + + // Sort Components prior to outputting + sortComponents(entries) + + // Emit row data + var line []string + for _, entry := range entries { + line, err = prepareReportLineData( + entry.Value.(schema.CDXResourceInfo), + COMPONENT_LIST_ROW_DATA, + true, + ) + // Only emit line if no error + if err != nil { + return + } + fmt.Fprintf(w, "%s\n", strings.Join(line, "\t")) + } + return +} + +// TODO: Add a --no-title flag to skip title output +func DisplayComponentListCSV(bom *schema.BOM, writer io.Writer) (err error) { + getLogger().Enter() + defer getLogger().Exit() + + // initialize writer and prepare the list of entries (i.e., the "rows") + w := csv.NewWriter(writer) + defer w.Flush() + + // Create title row data as []string + titles, _ := prepareReportTitleData(COMPONENT_LIST_ROW_DATA, true) + + if err = w.Write(titles); err != nil { + return getLogger().Errorf("error writing to output (%v): %s", titles, err) + } + + // Display a warning "missing" in the actual output and return (short-circuit) + entries := bom.ResourceMap.Entries() + + // Emit no resource found warning into output + if len(entries) == 0 { + currentRow := []string{MSG_OUTPUT_NO_RESOURCES_FOUND} + if err = w.Write(currentRow); err != nil { + // unable to emit an error message into output stream + return getLogger().Errorf("error writing to output (%v): %s", currentRow, err) + } + return fmt.Errorf(currentRow[0]) + } + + // Sort Components prior to outputting + sortComponents(entries) + + var line []string + for _, entry := range entries { + line, err = prepareReportLineData( + entry.Value.(schema.CDXResourceInfo), + COMPONENT_LIST_ROW_DATA, + true, + ) + // Only emit line if no error + if err != nil { + return + } + if err = w.Write(line); err != nil { + err = getLogger().Errorf("csv.Write: %w", err) + } + } + return +} + +// TODO: Add a --no-title flag to skip title output +func DisplayComponentListMarkdown(bom *schema.BOM, writer io.Writer) (err error) { + getLogger().Enter() + defer getLogger().Exit() + + // Create title row data as []string, include all columns that are flagged "summary" data + titles, _ := prepareReportTitleData(COMPONENT_LIST_ROW_DATA, true) + titleRow := createMarkdownRow(titles) + fmt.Fprintf(writer, "%s\n", titleRow) + + // create alignment row, include all columns that are flagged "summary" data + alignments := createMarkdownColumnAlignmentRow(COMPONENT_LIST_ROW_DATA, true) + alignmentRow := createMarkdownRow(alignments) + fmt.Fprintf(writer, "%s\n", alignmentRow) + + // Display a warning "missing" in the actual output and return (short-circuit) + entries := bom.ResourceMap.Entries() + + // Emit no components found warning into output + if len(entries) == 0 { + fmt.Fprintf(writer, "%s\n", MSG_OUTPUT_NO_COMPONENTS_FOUND) + return fmt.Errorf(MSG_OUTPUT_NO_COMPONENTS_FOUND) + } + + // Sort Components prior to outputting + sortComponents(entries) + + var line []string + var lineRow string + for _, entry := range entries { + line, err = prepareReportLineData( + entry.Value.(schema.CDXResourceInfo), + COMPONENT_LIST_ROW_DATA, + true, + ) + // Only emit line if no error + if err != nil { + return + } + lineRow = createMarkdownRow(line) + fmt.Fprintf(writer, "%s\n", lineRow) + } + return +} diff --git a/cmd/diff.go b/cmd/diff.go index 116f3622..7496df27 100644 --- a/cmd/diff.go +++ b/cmd/diff.go @@ -62,14 +62,14 @@ func NewCommandDiff() *cobra.Command { command.RunE = diffCmdImpl command.PreRunE = func(cmd *cobra.Command, args []string) (err error) { // Test for required flags (parameters) - err = preRunTestForFiles(cmd, args) + err = preRunTestForFiles(args) return } return command } -func preRunTestForFiles(cmd *cobra.Command, args []string) error { +func preRunTestForFiles(args []string) error { getLogger().Enter() defer getLogger().Exit() getLogger().Tracef("args: %v", args) diff --git a/cmd/license.go b/cmd/license.go index ec949974..4f243ef6 100644 --- a/cmd/license.go +++ b/cmd/license.go @@ -23,6 +23,7 @@ import ( "github.com/CycloneDX/sbom-utility/common" "github.com/CycloneDX/sbom-utility/schema" + "github.com/CycloneDX/sbom-utility/utils" "github.com/spf13/cobra" ) @@ -55,7 +56,7 @@ func NewCommandLicense() *cobra.Command { return getLogger().Errorf("Too many arguments provided: %v", args) } // Make sure subcommand is known - if !preRunTestForSubcommand(command, VALID_SUBCOMMANDS_LICENSE, args[0]) { + if !preRunTestForSubcommand(VALID_SUBCOMMANDS_LICENSE, args[0]) { return getLogger().Errorf("Subcommand provided is not valid: `%v`", args[0]) } return @@ -79,7 +80,7 @@ func licenseCmdImpl(cmd *cobra.Command, args []string) error { // 2. (root).metadata.component.licenses[] + all "nested" components // 3. (root).components[](.license[]) (each component + all "nested" components) // 4. (root).services[](.license[]) (each service + all "nested" services) -func loadDocumentLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, whereFilters []common.WhereFilter) (err error) { +func loadDocumentLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, whereFilters []common.WhereFilter, licenseFlags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit(err) @@ -104,19 +105,19 @@ func loadDocumentLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyCon // 1. Hash all licenses in the SBOM metadata (i.e., (root).metadata.component) // Note: this SHOULD represent a summary of all licenses that apply // to the component being described in the SBOM - if err = hashMetadataLicenses(bom, policyConfig, schema.LC_LOC_METADATA, whereFilters); err != nil { + if err = hashMetadataLicenses(bom, policyConfig, schema.LC_LOC_METADATA, whereFilters, licenseFlags); err != nil { return } // 2. Hash all licenses in (root).metadata.component (+ "nested" components) - if err = hashMetadataComponentLicenses(bom, policyConfig, schema.LC_LOC_METADATA_COMPONENT, whereFilters); err != nil { + if err = hashMetadataComponentLicenses(bom, policyConfig, schema.LC_LOC_METADATA_COMPONENT, whereFilters, licenseFlags); err != nil { return } // 3. Hash all component licenses found in the (root).components[] (+ "nested" components) pComponents := bom.GetCdxComponents() if pComponents != nil && len(*pComponents) > 0 { - if err = hashComponentsLicenses(bom, policyConfig, *pComponents, schema.LC_LOC_COMPONENTS, whereFilters); err != nil { + if err = hashComponentsLicenses(bom, policyConfig, *pComponents, schema.LC_LOC_COMPONENTS, whereFilters, licenseFlags); err != nil { return } } @@ -124,7 +125,7 @@ func loadDocumentLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyCon // 4. Hash all service licenses found in the (root).services[] (array) (+ "nested" services) pServices := bom.GetCdxServices() if pServices != nil && len(*pServices) > 0 { - if err = hashServicesLicenses(bom, policyConfig, *pServices, schema.LC_LOC_SERVICES, whereFilters); err != nil { + if err = hashServicesLicenses(bom, policyConfig, *pServices, schema.LC_LOC_SERVICES, whereFilters, licenseFlags); err != nil { return } } @@ -133,7 +134,7 @@ func loadDocumentLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyCon } // Hash the license found in the (root).metadata.licenses[] array -func hashMetadataLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, location int, whereFilters []common.WhereFilter) (err error) { +func hashMetadataLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, location int, whereFilters []common.WhereFilter, licenseFlags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit(err) @@ -162,7 +163,7 @@ func hashMetadataLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyCon licenseInfo.BOMLocationValue = location licenseInfo.ResourceName = LICENSE_LIST_NOT_APPLICABLE licenseInfo.BOMRef = LICENSE_LIST_NOT_APPLICABLE - err = hashLicenseInfoByLicenseType(bom, policyConfig, licenseInfo, whereFilters) + err = hashLicenseInfoByLicenseType(bom, policyConfig, licenseInfo, whereFilters, licenseFlags) if err != nil { return } @@ -172,7 +173,7 @@ func hashMetadataLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyCon } // Hash the license found in the (root).metadata.component object (and any "nested" components) -func hashMetadataComponentLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, location int, whereFilters []common.WhereFilter) (err error) { +func hashMetadataComponentLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, location int, whereFilters []common.WhereFilter, licenseFlags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit(err) @@ -192,19 +193,19 @@ func hashMetadataComponentLicenses(bom *schema.BOM, policyConfig *schema.License return } - _, err = hashComponentLicense(bom, policyConfig, *component, location, whereFilters) + _, err = hashComponentLicense(bom, policyConfig, *component, location, whereFilters, licenseFlags) return } // Hash all licenses found in an array of CDX Components // TODO use array of pointer to []CDXComponent -func hashComponentsLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, components []schema.CDXComponent, location int, whereFilters []common.WhereFilter) (err error) { +func hashComponentsLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, components []schema.CDXComponent, location int, whereFilters []common.WhereFilter, licenseFlags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit(err) for _, cdxComponent := range components { - _, err = hashComponentLicense(bom, policyConfig, cdxComponent, location, whereFilters) + _, err = hashComponentLicense(bom, policyConfig, cdxComponent, location, whereFilters, licenseFlags) if err != nil { return } @@ -214,12 +215,12 @@ func hashComponentsLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyC // Hash all licenses found in an array of CDX Services // TODO use array of pointer to []CDXService -func hashServicesLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, services []schema.CDXService, location int, whereFilters []common.WhereFilter) (err error) { +func hashServicesLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, services []schema.CDXService, location int, whereFilters []common.WhereFilter, licenseFlags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit(err) for _, cdxServices := range services { - err = hashServiceLicense(bom, policyConfig, cdxServices, location, whereFilters) + err = hashServiceLicense(bom, policyConfig, cdxServices, location, whereFilters, licenseFlags) if err != nil { return } @@ -228,7 +229,7 @@ func hashServicesLicenses(bom *schema.BOM, policyConfig *schema.LicensePolicyCon } // Hash a CDX Component's licenses and recursively those of any "nested" components -func hashComponentLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, cdxComponent schema.CDXComponent, location int, whereFilters []common.WhereFilter) (li *schema.LicenseInfo, err error) { +func hashComponentLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, cdxComponent schema.CDXComponent, location int, whereFilters []common.WhereFilter, licenseFlags utils.LicenseCommandFlags) (li *schema.LicenseInfo, err error) { getLogger().Enter() defer getLogger().Exit(err) var licenseInfo schema.LicenseInfo @@ -246,7 +247,7 @@ func hashComponentLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyCon if cdxComponent.BOMRef != nil { licenseInfo.BOMRef = *cdxComponent.BOMRef } - err = hashLicenseInfoByLicenseType(bom, policyConfig, licenseInfo, whereFilters) + err = hashLicenseInfoByLicenseType(bom, policyConfig, licenseInfo, whereFilters, licenseFlags) if err != nil { // Show intent to not check for error returns as there no intent to recover @@ -263,7 +264,7 @@ func hashComponentLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyCon if cdxComponent.BOMRef != nil { licenseInfo.BOMRef = *cdxComponent.BOMRef } - _, err = bom.HashmapLicenseInfo(policyConfig, LICENSE_NO_ASSERTION, licenseInfo, whereFilters) + _, err = bom.HashmapLicenseInfo(policyConfig, LICENSE_NO_ASSERTION, licenseInfo, whereFilters, licenseFlags) getLogger().Warningf("%s: %s (name:`%s`, version: `%s`, package-url: `%s`)", "No license found for component. bomRef", @@ -278,7 +279,7 @@ func hashComponentLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyCon // Recursively hash licenses for all child components (i.e., hierarchical composition) pComponents := cdxComponent.Components if pComponents != nil && len(*pComponents) > 0 { - err = hashComponentsLicenses(bom, policyConfig, *pComponents, location, whereFilters) + err = hashComponentsLicenses(bom, policyConfig, *pComponents, location, whereFilters, licenseFlags) if err != nil { return } @@ -289,7 +290,7 @@ func hashComponentLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyCon // Hash all licenses found in a CDX Service // TODO use pointer to CDXService -func hashServiceLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, cdxService schema.CDXService, location int, whereFilters []common.WhereFilter) (err error) { +func hashServiceLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, cdxService schema.CDXService, location int, whereFilters []common.WhereFilter, licenseFlags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit(err) @@ -307,7 +308,7 @@ func hashServiceLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyConfi licenseInfo.BOMRef = *cdxService.BOMRef } licenseInfo.BOMLocationValue = location - err = hashLicenseInfoByLicenseType(bom, policyConfig, licenseInfo, whereFilters) + err = hashLicenseInfoByLicenseType(bom, policyConfig, licenseInfo, whereFilters, licenseFlags) if err != nil { return @@ -322,7 +323,7 @@ func hashServiceLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyConfi if cdxService.BOMRef != nil { licenseInfo.BOMRef = *cdxService.BOMRef } - _, err = bom.HashmapLicenseInfo(policyConfig, LICENSE_NO_ASSERTION, licenseInfo, whereFilters) + _, err = bom.HashmapLicenseInfo(policyConfig, LICENSE_NO_ASSERTION, licenseInfo, whereFilters, licenseFlags) getLogger().Warningf("%s: %s (name: `%s`, version: `%s`)", "No license found for service. bomRef", @@ -337,7 +338,7 @@ func hashServiceLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyConfi // Recursively hash licenses for all child components (i.e., hierarchical composition) pServices := cdxService.Services if pServices != nil && len(*pServices) > 0 { - err = hashServicesLicenses(bom, policyConfig, *pServices, location, whereFilters) + err = hashServicesLicenses(bom, policyConfig, *pServices, location, whereFilters, licenseFlags) if err != nil { // Show intent to not check for error returns as there is no recovery _ = getLogger().Errorf("Unable to hash empty license: %v", licenseInfo) @@ -353,7 +354,7 @@ func hashServiceLicense(bom *schema.BOM, policyConfig *schema.LicensePolicyConfi // 2. Where the license was found within the SBOM // 3. The entity name (e.g., service or component name) that declared the license // 4. The entity local BOM reference (i.e., "bomRef") -func hashLicenseInfoByLicenseType(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, licenseInfo schema.LicenseInfo, whereFilters []common.WhereFilter) (err error) { +func hashLicenseInfoByLicenseType(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, licenseInfo schema.LicenseInfo, whereFilters []common.WhereFilter, licenseFlags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit(err) @@ -362,13 +363,13 @@ func hashLicenseInfoByLicenseType(bom *schema.BOM, policyConfig *schema.LicenseP if pLicense != nil && pLicense.Id != "" { licenseInfo.LicenseChoiceTypeValue = schema.LC_TYPE_ID - _, err = bom.HashmapLicenseInfo(policyConfig, pLicense.Id, licenseInfo, whereFilters) + _, err = bom.HashmapLicenseInfo(policyConfig, pLicense.Id, licenseInfo, whereFilters, licenseFlags) } else if pLicense != nil && pLicense.Name != "" { licenseInfo.LicenseChoiceTypeValue = schema.LC_TYPE_NAME - _, err = bom.HashmapLicenseInfo(policyConfig, pLicense.Name, licenseInfo, whereFilters) + _, err = bom.HashmapLicenseInfo(policyConfig, pLicense.Name, licenseInfo, whereFilters, licenseFlags) } else if licenseChoice.Expression != "" { licenseInfo.LicenseChoiceTypeValue = schema.LC_TYPE_EXPRESSION - _, err = bom.HashmapLicenseInfo(policyConfig, licenseChoice.Expression, licenseInfo, whereFilters) + _, err = bom.HashmapLicenseInfo(policyConfig, licenseChoice.Expression, licenseInfo, whereFilters, licenseFlags) } else { // Note: This code path only executes if hashing is performed // without schema validation (which would find this as an error) diff --git a/cmd/license_list.go b/cmd/license_list.go index accfc1fa..d1689a9e 100644 --- a/cmd/license_list.go +++ b/cmd/license_list.go @@ -51,7 +51,6 @@ const ( MSG_OUTPUT_NO_LICENSES_ONLY_NOASSERTION = "no valid licenses found in BOM document (only licenses marked NOASSERTION)" ) -// "Type", "ID/Name/Expression", "Component(s)", "BOM ref.", "Document location" // filter keys const ( LICENSE_FILTER_KEY_USAGE_POLICY = "usage-policy" @@ -62,43 +61,37 @@ const ( LICENSE_FILTER_KEY_BOM_LOCATION = "bom-location" ) -var LICENSE_LIST_ROW_DATA = []ColumnFormatData{ - {LICENSE_FILTER_KEY_USAGE_POLICY, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {LICENSE_FILTER_KEY_LICENSE_TYPE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {LICENSE_FILTER_KEY_LICENSE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {LICENSE_FILTER_KEY_RESOURCE_NAME, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {LICENSE_FILTER_KEY_BOM_REF, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {LICENSE_FILTER_KEY_BOM_LOCATION, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, -} - -var LICENSE_SUMMARY_TITLES = []string{ - LICENSE_FILTER_KEY_USAGE_POLICY, - LICENSE_FILTER_KEY_LICENSE_TYPE, - LICENSE_FILTER_KEY_LICENSE, - LICENSE_FILTER_KEY_RESOURCE_NAME, - LICENSE_FILTER_KEY_BOM_REF, - LICENSE_FILTER_KEY_BOM_LOCATION, -} +// var LICENSE_LIST_TITLES_LICENSE_CHOICE = []string{"License.Id", "License.Name", "License.Url", "Expression", "License.Text.ContentType", "License.Text.Encoding", "License.Text.Content"} +const ( + LICENSE_FILTER_KEY_LICENSE_ID = "license-id" + LICENSE_FILTER_KEY_LICENSE_NAME = "license-name" + LICENSE_FILTER_KEY_LICENSE_EXPRESSION = "license-expression" + LICENSE_FILTER_KEY_LICENSE_URL = "license-url" + LICENSE_FILTER_KEY_LICENSE_TEXT_ENCODING = "license-text-encoding" + LICENSE_FILTER_KEY_LICENSE_TEXT_CONTENT_TYPE = "license-text-content-type" + LICENSE_FILTER_KEY_LICENSE_TEXT_CONTENT = "license-text-content" +) -var VALID_LICENSE_FILTER_KEYS = []string{ - LICENSE_FILTER_KEY_USAGE_POLICY, - LICENSE_FILTER_KEY_LICENSE_TYPE, - LICENSE_FILTER_KEY_LICENSE, - LICENSE_FILTER_KEY_RESOURCE_NAME, - LICENSE_FILTER_KEY_BOM_REF, - LICENSE_FILTER_KEY_BOM_LOCATION, +var LICENSE_LIST_ROW_DATA = []ColumnFormatData{ + *NewColumnFormatData(LICENSE_FILTER_KEY_USAGE_POLICY, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_LICENSE_TYPE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_LICENSE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_RESOURCE_NAME, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_BOM_REF, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_BOM_LOCATION, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_LICENSE_ID, -1, false, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_LICENSE_NAME, -1, false, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_LICENSE_EXPRESSION, -1, false, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_LICENSE_URL, -1, false, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_LICENSE_TEXT_ENCODING, -1, false, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_LICENSE_TEXT_CONTENT_TYPE, -1, false, false), + *NewColumnFormatData(LICENSE_FILTER_KEY_LICENSE_TEXT_CONTENT, 8, false, false), } // Command help formatting var LICENSE_LIST_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_HELP + strings.Join([]string{FORMAT_JSON, FORMAT_CSV, FORMAT_MARKDOWN}, ", ") + " (default: json)" -var LICENSE_LIST_SUMMARY_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_SUMMARY_HELP + - strings.Join([]string{FORMAT_TEXT, FORMAT_CSV, FORMAT_MARKDOWN}, ", ") + - " (default: txt)" - -// Title row names for formatted lists (reports) -var LICENSE_LIST_TITLES_LICENSE_CHOICE = []string{"License.Id", "License.Name", "License.Url", "Expression", "License.Text.ContentType", "License.Text.Encoding", "License.Text.Content"} // WARNING: Cobra will not recognize a subcommand if its `command.Use` is not a single // word string that matches one of the `command.ValidArgs` set on the parent command @@ -109,8 +102,7 @@ func NewCommandList() *cobra.Command { command.Long = "List licenses and associated policies found in the BOM input file" command.Flags().StringVarP(&utils.GlobalFlags.PersistentFlags.OutputFormat, FLAG_FILE_OUTPUT_FORMAT, "", "", FLAG_LICENSE_LIST_OUTPUT_FORMAT_HELP+ - LICENSE_LIST_SUPPORTED_FORMATS+ - LICENSE_LIST_SUMMARY_SUPPORTED_FORMATS) + LICENSE_LIST_SUPPORTED_FORMATS) command.Flags().BoolVarP( &utils.GlobalFlags.LicenseFlags.Summary, FLAG_LICENSE_SUMMARY, "", false, @@ -123,7 +115,7 @@ func NewCommandList() *cobra.Command { } // Test for required flags (parameters) - err = preRunTestForInputFile(cmd, args) + err = preRunTestForInputFile(args) return } return (command) @@ -191,7 +183,7 @@ func listCmdImpl(cmd *cobra.Command, args []string) (err error) { } func ListLicenses(writer io.Writer, policyConfig *schema.LicensePolicyConfig, - persistentFlags utils.PersistentCommandFlags, LicenseFlags utils.LicenseCommandFlags, + persistentFlags utils.PersistentCommandFlags, licenseFlags utils.LicenseCommandFlags, whereFilters []common.WhereFilter) (err error) { getLogger().Enter() defer getLogger().Exit() @@ -213,77 +205,37 @@ func ListLicenses(writer io.Writer, policyConfig *schema.LicensePolicyConfig, // Find an hash all licenses within input BOM file getLogger().Infof("Scanning document for licenses...") - err = loadDocumentLicenses(document, policyConfig, whereFilters) + err = loadDocumentLicenses(document, policyConfig, whereFilters, licenseFlags) if err != nil { return } format := persistentFlags.OutputFormat - - // if `--summary` report requested - if LicenseFlags.Summary { - // TODO surface errors returned from "DisplayXXX" functions - getLogger().Infof("Outputting summary (`%s` format)...", format) - switch format { - case FORMAT_TEXT: - DisplayLicenseListSummaryText(document, writer) - case FORMAT_CSV: - err = DisplayLicenseListSummaryCSV(document, writer) - case FORMAT_MARKDOWN: - DisplayLicenseListSummaryMarkdown(document, writer) - default: - // Default to text output - getLogger().Warningf("Summary not supported for `%s` format; defaulting to `%s` format...", - format, FORMAT_TEXT) - DisplayLicenseListSummaryText(document, writer) - } - } else { - // TODO surface errors returned from "DisplayXXX" functions - getLogger().Infof("Outputting listing (`%s` format)...", format) - switch format { - case FORMAT_JSON: - DisplayLicenseListJson(document, writer) - case FORMAT_CSV: - err = DisplayLicenseListCSV(document, writer) - case FORMAT_MARKDOWN: - DisplayLicenseListMarkdown(document, writer) - case FORMAT_TEXT: - DisplayLicenseListSummaryText(document, writer) - default: - // Default to JSON output for anything else - getLogger().Warningf("Listing not supported for `%s` format; defaulting to `%s` format...", - format, FORMAT_JSON) - DisplayLicenseListJson(document, writer) - } + getLogger().Infof("Outputting listing (`%s` format)...", format) + switch format { + case FORMAT_JSON: + err = DisplayLicenseListJson(document, writer, licenseFlags) + case FORMAT_CSV: + err = DisplayLicenseListCSV(document, writer, licenseFlags) + case FORMAT_MARKDOWN: + err = DisplayLicenseListMarkdown(document, writer, licenseFlags) + case FORMAT_TEXT: + err = DisplayLicenseListText(document, writer, licenseFlags) + default: + // Default to JSON output for anything else + getLogger().Warningf("Listing not supported for `%s` format; defaulting to `%s` format...", + format, FORMAT_JSON) + err = DisplayLicenseListJson(document, writer, licenseFlags) } - return } -func allocateEmptyLicense(licenseChoice *schema.CDXLicenseChoice) { - if licenseChoice != nil { - if licenseChoice.License == nil { - licenseChoice.License = new(schema.CDXLicense) - } - } -} - -func allocateEmptyLicenseText(licenseChoice *schema.CDXLicenseChoice) { - if licenseChoice != nil { - if pLicense := licenseChoice.License; pLicense != nil { - if pLicense.Text == nil { - pLicense.Text = new(schema.CDXAttachment) - } - } - } -} - // NOTE: This list is NOT de-duplicated // NOTE: if no licenses are found, the "json.Marshal" method(s) will return a value of "null" // which is valid JSON (and not an empty array) // TODO: Support de-duplication (flag) (which MUST be exact using deep comparison) -func DisplayLicenseListJson(bom *schema.BOM, writer io.Writer) { +func DisplayLicenseListJson(bom *schema.BOM, writer io.Writer, flags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit() @@ -303,147 +255,15 @@ func DisplayLicenseListJson(bom *schema.BOM, writer io.Writer) { // Note: JSON data files MUST ends in a newline as this is a POSIX standard // which is already accounted for by the JSON encoder. - utils.WriteAnyAsEncodedJSONInt(writer, lc, utils.GlobalFlags.PersistentFlags.GetOutputIndentInt()) -} - -// NOTE: This list is NOT de-duplicated -func DisplayLicenseListCSV(bom *schema.BOM, writer io.Writer) (err error) { - getLogger().Enter() - defer getLogger().Exit() - - var licenseInfo schema.LicenseInfo - var currentRow []string - - w := csv.NewWriter(writer) - defer w.Flush() - - // Emit title row - if err = w.Write(LICENSE_LIST_TITLES_LICENSE_CHOICE); err != nil { - return getLogger().Errorf("error writing to output (%v): %s", LICENSE_LIST_TITLES_LICENSE_CHOICE, err) - } - - // Emit warning (confirmation) message if no licenses found in document - licenseKeys := bom.LicenseMap.KeySet() - - // Emit no license or assertion-only warning into output - checkLicenseListEmptyOrNoAssertionOnly(licenseKeys) - - for _, licenseName := range licenseKeys { - arrLicenseInfo, _ := bom.LicenseMap.Get(licenseName) - - for _, iInfo := range arrLicenseInfo { - // reset line after each iteration - currentRow = nil - licenseInfo = iInfo.(schema.LicenseInfo) - - if licenseInfo.LicenseChoiceTypeValue != schema.LC_TYPE_INVALID { - - lc := licenseInfo.LicenseChoice - - // Assure we have a valid CDXLicense struct to format - if lc.License == nil { - allocateEmptyLicense(&lc) - } - - // Assure we have at least an empty license text (CDXAttachment) struct to format - if lc.License.Text == nil { - allocateEmptyLicenseText(&lc) - } - - // NOTE: we intentionally do NOT truncate the actual content text for CSV files - // Each row will contain every field of a CDX LicenseChoice object - currentRow = append(currentRow, - lc.License.Id, - lc.License.Name, - lc.License.Url, - lc.Expression, - lc.License.Text.ContentType, - lc.License.Text.Encoding, - lc.License.Text.Content) - - if errWrite := w.Write(currentRow); errWrite != nil { - return getLogger().Errorf("error writing to output (%v): %s", currentRow, errWrite) - } - } - } - } + _, err = utils.WriteAnyAsEncodedJSONInt(writer, lc, utils.GlobalFlags.PersistentFlags.GetOutputIndentInt()) return } -// NOTE: This list is NOT de-duplicated -func DisplayLicenseListMarkdown(bom *schema.BOM, writer io.Writer) { - getLogger().Enter() - defer getLogger().Exit() - - var licenseInfo schema.LicenseInfo - - // create title row - titleRow := createMarkdownRow(LICENSE_LIST_TITLES_LICENSE_CHOICE) - fmt.Fprintf(writer, "%s\n", titleRow) - - alignments := createMarkdownColumnAlignment(LICENSE_LIST_TITLES_LICENSE_CHOICE) - alignmentRow := createMarkdownRow(alignments) - fmt.Fprintf(writer, "%s\n", alignmentRow) - - // Display a warning messing in the actual output and return (short-circuit) - licenseKeys := bom.LicenseMap.KeySet() - - // Emit no license or assertion-only warning into output - checkLicenseListEmptyOrNoAssertionOnly(licenseKeys) - - var line []string - var lineRow string - var content string - - for _, licenseName := range licenseKeys { - arrLicenseInfo, _ := bom.LicenseMap.Get(licenseName) - - for _, iInfo := range arrLicenseInfo { - // Each row will contain every field of a CDX LicenseChoice object - line = nil - licenseInfo = iInfo.(schema.LicenseInfo) - - if licenseInfo.LicenseChoiceTypeValue != schema.LC_TYPE_INVALID { - lc := licenseInfo.LicenseChoice - - // Assure we have a valid CDXLicense struct to format - if lc.License == nil { - allocateEmptyLicense(&lc) - } - - // Assure we have at least an empty license text (CDXAttachment) struct to format - if lc.License.Text == nil { - allocateEmptyLicenseText(&lc) - } - - // NOTE: we only truncate the content text for Text (console) output - // TODO perhaps add flag to allow user to specify truncate length (default 8) - // See field "DefaultTruncateLength" in ColumnFormatData struct - content = lc.License.Text.GetContentTruncated(8, true) - - // Format line and write to output - line = append(line, - lc.License.Id, - lc.License.Name, - lc.License.Url, - lc.Expression, - lc.License.Text.ContentType, - lc.License.Text.Encoding, - content) - - lineRow = createMarkdownRow(line) - fmt.Fprintf(writer, "%s\n", lineRow) - } - - } - } -} - // NOTE: This list is NOT de-duplicated // TODO: Make policy column optional // TODO: Add a --no-title flag to skip title output // TODO: Support a new --sort flag -func DisplayLicenseListSummaryText(bom *schema.BOM, writer io.Writer) { +func DisplayLicenseListText(bom *schema.BOM, writer io.Writer, flags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit() @@ -454,13 +274,11 @@ func DisplayLicenseListSummaryText(bom *schema.BOM, writer io.Writer) { // min-width, tab-width, padding, pad-char, flags w.Init(writer, 8, 2, 2, ' ', 0) - var licenseInfo schema.LicenseInfo - // create title row and underline row from slices of optional and compulsory titles - underlines := createTitleTextSeparators(LICENSE_SUMMARY_TITLES) + titles, underlines := prepareReportTitleData(LICENSE_LIST_ROW_DATA, flags.Summary) // Add tabs between column titles for the tabWRiter - fmt.Fprintf(w, "%s\n", strings.Join(LICENSE_SUMMARY_TITLES, "\t")) + fmt.Fprintf(w, "%s\n", strings.Join(titles, "\t")) fmt.Fprintf(w, "%s\n", strings.Join(underlines, "\t")) // Display a warning missing in the actual output and return (short-circuit) @@ -472,30 +290,47 @@ func DisplayLicenseListSummaryText(bom *schema.BOM, writer io.Writer) { // Sort license using identifying key (i.e., `id`, `name` or `expression`) sortLicenseKeys(licenseKeys) + // output the each license entry as a row + var line []string + var licenseInfo schema.LicenseInfo + var content string + for _, licenseName := range licenseKeys { arrLicenseInfo, _ := bom.LicenseMap.Get(licenseName) + // Format each LicenseInfo as a line and write to output for _, iInfo := range arrLicenseInfo { licenseInfo = iInfo.(schema.LicenseInfo) + lc := licenseInfo.LicenseChoice - // Format line and write to output - fmt.Fprintf(w, "%s\t%v\t%s\t%s\t%s\t%s\n", - licenseInfo.UsagePolicy, - licenseInfo.LicenseChoiceType, - licenseName, - licenseInfo.ResourceName, - licenseInfo.BOMRef, - licenseInfo.BOMLocation, + // NOTE: we only truncate the content text for Text (console) output + // TODO perhaps add flag to allow user to specify truncate length (default 8) + // See field "DefaultTruncateLength" in ColumnFormatData struct + if lc.License != nil && lc.License.Text != nil { + content = lc.License.Text.GetContentTruncated(8, true) + licenseInfo.LicenseTextContent = content + } + + line, err = prepareReportLineData( + licenseInfo, + LICENSE_LIST_ROW_DATA, + flags.Summary, ) + // Only emit line if no error + if err != nil { + return + } + fmt.Fprintf(w, "%s\n", strings.Join(line, "\t")) } } + return } // NOTE: This list is NOT de-duplicated // TODO: Make policy column optional // TODO: Add a --no-title flag to skip title output // TODO: Support a new --sort flag -func DisplayLicenseListSummaryCSV(bom *schema.BOM, writer io.Writer) (err error) { +func DisplayLicenseListCSV(bom *schema.BOM, writer io.Writer, flags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit() @@ -503,14 +338,12 @@ func DisplayLicenseListSummaryCSV(bom *schema.BOM, writer io.Writer) (err error) w := csv.NewWriter(writer) defer w.Flush() - var currentRow []string - var licenseInfo schema.LicenseInfo - - // create title row and underline row + // create title row // TODO: Make policy column optional - if errWrite := w.Write(LICENSE_SUMMARY_TITLES); errWrite != nil { - err = getLogger().Errorf("error writing to output (%v): %s", LICENSE_SUMMARY_TITLES, errWrite) - return + titles, _ := prepareReportTitleData(LICENSE_LIST_ROW_DATA, flags.Summary) + + if err = w.Write(titles); err != nil { + return getLogger().Errorf("error writing to output (%v): %s", titles, err) } // retrieve all hashed licenses (keys) found in the document and verify we have ones to process @@ -523,6 +356,9 @@ func DisplayLicenseListSummaryCSV(bom *schema.BOM, writer io.Writer) (err error) sortLicenseKeys(licenseKeys) // output the each license entry as a row + var line []string + var licenseInfo schema.LicenseInfo + for _, licenseName := range licenseKeys { arrLicenseInfo, _ := bom.LicenseMap.Get(licenseName) @@ -533,47 +369,37 @@ func DisplayLicenseListSummaryCSV(bom *schema.BOM, writer io.Writer) (err error) os.Exit(ERROR_VALIDATION) } + // Format each LicenseInfo as a line and write to output for _, iInfo := range arrLicenseInfo { licenseInfo = iInfo.(schema.LicenseInfo) - - // reset line after each iteration - currentRow = nil - - // Note: For CSV files each row should be terminated by a newline - // which is automatically done by the CSV writer - currentRow = append(currentRow, - licenseInfo.Policy.UsagePolicy, - licenseInfo.LicenseChoiceType, - licenseName.(string), - licenseInfo.ResourceName, - licenseInfo.BOMRef.String(), - licenseInfo.BOMLocation, + line, err = prepareReportLineData( + licenseInfo, + LICENSE_LIST_ROW_DATA, + flags.Summary, ) - - if errWrite := w.Write(currentRow); errWrite != nil { - err = getLogger().Errorf("csvWriter.Write(): %w", errWrite) + // Only emit line if no error + if err != nil { return } + if err = w.Write(line); err != nil { + err = getLogger().Errorf("csv.Write: %w", err) + } } } return } // NOTE: This list is NOT de-duplicated -// TODO: Make policy column optional -// TODO: Add a --no-title flag to skip title output -// TODO: Support a new --sort flag -func DisplayLicenseListSummaryMarkdown(bom *schema.BOM, writer io.Writer) { +func DisplayLicenseListMarkdown(bom *schema.BOM, writer io.Writer, flags utils.LicenseCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit() - var licenseInfo schema.LicenseInfo - - // create title row - titleRow := createMarkdownRow(LICENSE_SUMMARY_TITLES) + titles, _ := prepareReportTitleData(LICENSE_LIST_ROW_DATA, flags.Summary) + titleRow := createMarkdownRow(titles) fmt.Fprintf(writer, "%s\n", titleRow) - alignments := createMarkdownColumnAlignment(LICENSE_SUMMARY_TITLES) + // create alignment row, include all columns that are flagged "summary" data + alignments := createMarkdownColumnAlignmentRow(LICENSE_LIST_ROW_DATA, flags.Summary) alignmentRow := createMarkdownRow(alignments) fmt.Fprintf(writer, "%s\n", alignmentRow) @@ -583,33 +409,29 @@ func DisplayLicenseListSummaryMarkdown(bom *schema.BOM, writer io.Writer) { // Emit no license or assertion-only warning into output checkLicenseListEmptyOrNoAssertionOnly(licenseKeys) - // Sort license using identifying key (i.e., `id`, `name` or `expression`) - sortLicenseKeys(licenseKeys) - + // output the each license entry as a row var line []string var lineRow string + var licenseInfo schema.LicenseInfo for _, licenseName := range licenseKeys { arrLicenseInfo, _ := bom.LicenseMap.Get(licenseName) + // Format each LicenseInfo as a line and write to output for _, iInfo := range arrLicenseInfo { licenseInfo = iInfo.(schema.LicenseInfo) - - // reset loop variables for new assignments - line = nil - - // Format line and write to output - line = append(line, - licenseInfo.Policy.UsagePolicy, - licenseInfo.LicenseChoiceType, - licenseName.(string), - licenseInfo.ResourceName, - licenseInfo.BOMRef.String(), - licenseInfo.BOMLocation, + line, err = prepareReportLineData( + licenseInfo, + LICENSE_LIST_ROW_DATA, + flags.Summary, ) - + // Only emit line if no error + if err != nil { + return + } lineRow = createMarkdownRow(line) fmt.Fprintf(writer, "%s\n", lineRow) } } + return } diff --git a/cmd/license_policy.go b/cmd/license_policy.go index 07631f15..c2baeedd 100644 --- a/cmd/license_policy.go +++ b/cmd/license_policy.go @@ -65,33 +65,20 @@ const ( ) // TODO use to pre-validate --where clause keys -// var POLICY_LIST_TITLES = []string{ -// POLICY_FILTER_KEY_USAGE_POLICY, -// POLICY_FILTER_KEY_FAMILY, -// POLICY_FILTER_KEY_SPDX_ID, -// POLICY_FILTER_KEY_NAME, -// POLICY_FILTER_KEY_OSI_APPROVED, -// POLICY_FILTER_KEY_FSF_APPROVED, -// POLICY_FILTER_KEY_DEPRECATED, -// POLICY_FILTER_KEY_REFERENCE, -// POLICY_FILTER_KEY_ALIASES, -// POLICY_FILTER_KEY_ANNOTATIONS, -// POLICY_FILTER_KEY_NOTES, -// } // Describe the column data and their attributes and constraints used for formatting var LICENSE_POLICY_LIST_ROW_DATA = []ColumnFormatData{ - {POLICY_FILTER_KEY_USAGE_POLICY, 16, REPORT_SUMMARY_DATA_TRUE, false}, - {POLICY_FILTER_KEY_FAMILY, 20, REPORT_SUMMARY_DATA_TRUE, false}, - {POLICY_FILTER_KEY_SPDX_ID, 20, REPORT_SUMMARY_DATA_TRUE, false}, - {POLICY_FILTER_KEY_NAME, 20, REPORT_SUMMARY_DATA_TRUE, false}, - {POLICY_FILTER_KEY_OSI_APPROVED, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {POLICY_FILTER_KEY_FSF_APPROVED, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {POLICY_FILTER_KEY_DEPRECATED, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {POLICY_FILTER_KEY_REFERENCE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {POLICY_FILTER_KEY_ALIASES, 24, false, false}, - {POLICY_FILTER_KEY_ANNOTATIONS, 24, false, false}, - {POLICY_FILTER_KEY_NOTES, 24, false, false}, + *NewColumnFormatData(POLICY_FILTER_KEY_USAGE_POLICY, 16, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(POLICY_FILTER_KEY_FAMILY, 20, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(POLICY_FILTER_KEY_SPDX_ID, 20, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(POLICY_FILTER_KEY_NAME, 20, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(POLICY_FILTER_KEY_OSI_APPROVED, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(POLICY_FILTER_KEY_FSF_APPROVED, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(POLICY_FILTER_KEY_DEPRECATED, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(POLICY_FILTER_KEY_REFERENCE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(POLICY_FILTER_KEY_ALIASES, 24, false, false), + *NewColumnFormatData(POLICY_FILTER_KEY_ANNOTATIONS, 24, false, false), + *NewColumnFormatData(POLICY_FILTER_KEY_NOTES, 24, false, false), } // TODO: remove if we always map the old field names to new ones @@ -144,7 +131,7 @@ func NewCommandPolicy() *cobra.Command { // Make sure (optional) subcommand is known/valid if len(args) == 1 { - if !preRunTestForSubcommand(command, VALID_SUBCOMMANDS_POLICY, args[0]) { + if !preRunTestForSubcommand(VALID_SUBCOMMANDS_POLICY, args[0]) { return getLogger().Errorf("Subcommand provided is not valid: `%v`", args[0]) } } @@ -197,6 +184,12 @@ func processLicensePolicyListResults(err error) { } } +func sortLicensePolicies(keyNames []interface{}) { + sort.Slice(keyNames, func(i, j int) bool { + return keyNames[i].(string) < keyNames[j].(string) + }) +} + func ListLicensePolicies(writer io.Writer, policyConfig *schema.LicensePolicyConfig, persistentFlags utils.PersistentCommandFlags, licenseFlags utils.LicenseCommandFlags, whereFilters []common.WhereFilter) (err error) { @@ -265,9 +258,15 @@ func DisplayLicensePoliciesTabbedText(writer io.Writer, filteredPolicyMap *slice // Sort entries for listing by family name keys keyNames := filteredPolicyMap.KeySet() - sort.Slice(keyNames, func(i, j int) bool { - return keyNames[i].(string) < keyNames[j].(string) - }) + + // Emit no schemas found warning into output + // TODO Use only for Warning messages, do not emit in output table + if len(keyNames) == 0 { + return fmt.Errorf(MSG_OUTPUT_NO_POLICIES_FOUND) + } + + // Sort entries by family name + sortLicensePolicies(keyNames) // output each license policy entry as a line (by sorted key) var lines [][]string @@ -278,7 +277,6 @@ func DisplayLicensePoliciesTabbedText(writer io.Writer, filteredPolicyMap *slice getLogger().Tracef("%v (%t)", values, match) for _, value := range values { - // Wrap all column text (i.e. flag `--wrap=true`) if utils.GlobalFlags.LicenseFlags.ListLineWrap { policy := value.(schema.LicensePolicy) @@ -315,12 +313,15 @@ func DisplayLicensePoliciesTabbedText(writer io.Writer, filteredPolicyMap *slice } } else { - // TODO surface error data to top-level command - line, _ = prepareReportLineData( + line, err = prepareReportLineData( value.(schema.LicensePolicy), LICENSE_POLICY_LIST_ROW_DATA, flags.Summary, ) + // Only emit line if no error + if err != nil { + return + } fmt.Fprintf(w, "%s\n", strings.Join(line, "\t")) } @@ -356,9 +357,7 @@ func DisplayLicensePoliciesCSV(writer io.Writer, filteredPolicyMap *slicemultima } // Sort entries by family name - sort.Slice(keyNames, func(i, j int) bool { - return keyNames[i].(string) < keyNames[j].(string) - }) + sortLicensePolicies(keyNames) var line []string for _, key := range keyNames { @@ -366,13 +365,15 @@ func DisplayLicensePoliciesCSV(writer io.Writer, filteredPolicyMap *slicemultima getLogger().Tracef("%v (%t)", values, match) for _, value := range values { - // TODO surface error data to top-level command - line, _ = prepareReportLineData( + line, err = prepareReportLineData( value.(schema.LicensePolicy), LICENSE_POLICY_LIST_ROW_DATA, flags.Summary, ) - + // Only emit line if no error + if err != nil { + return + } if err = w.Write(line); err != nil { err = getLogger().Errorf("csv.Write: %w", err) } @@ -386,14 +387,13 @@ func DisplayLicensePoliciesMarkdown(writer io.Writer, filteredPolicyMap *slicemu getLogger().Enter() defer getLogger().Exit() - // Create title row data as []string + // Create title row data as []string, include columns depending on value of Summary flag. titles, _ := prepareReportTitleData(LICENSE_POLICY_LIST_ROW_DATA, flags.Summary) - - // create title row titleRow := createMarkdownRow(titles) fmt.Fprintf(writer, "%s\n", titleRow) - alignments := createMarkdownColumnAlignment(titles) + // create alignment row, include columns depending on value of Summary flag. + alignments := createMarkdownColumnAlignmentRow(LICENSE_POLICY_LIST_ROW_DATA, flags.Summary) alignmentRow := createMarkdownRow(alignments) fmt.Fprintf(writer, "%s\n", alignmentRow) @@ -409,24 +409,24 @@ func DisplayLicensePoliciesMarkdown(writer io.Writer, filteredPolicyMap *slicemu } // Sort entries by family name - sort.Slice(keyNames, func(i, j int) bool { - return keyNames[i].(string) < keyNames[j].(string) - }) + sortLicensePolicies(keyNames) var line []string var lineRow string - for _, key := range keyNames { values, match := filteredPolicyMap.Get(key) getLogger().Tracef("%v (%t)", values, match) for _, value := range values { - // TODO surface error data to top-level command - line, _ = prepareReportLineData( + line, err = prepareReportLineData( value.(schema.LicensePolicy), LICENSE_POLICY_LIST_ROW_DATA, flags.Summary, ) + // Only emit line if no error + if err != nil { + return + } lineRow = createMarkdownRow(line) fmt.Fprintf(writer, "%s\n", lineRow) } diff --git a/cmd/license_policy_test.go b/cmd/license_policy_test.go index 423f1033..efd9a19e 100644 --- a/cmd/license_policy_test.go +++ b/cmd/license_policy_test.go @@ -73,7 +73,7 @@ func LoadCustomPolicyFile(policyFile string) (customPolicyConfig *schema.License return } -func innerTestLicensePolicyListCustomAndBuffered(t *testing.T, testInfo *LicenseTestInfo, whereFilters []common.WhereFilter) (outputBuffer bytes.Buffer, err error) { +func innerTestLicensePolicyListCustomAndBuffered(testInfo *LicenseTestInfo, whereFilters []common.WhereFilter) (outputBuffer bytes.Buffer, err error) { // Declare an output outputBuffer/outputWriter to use used during tests var outputWriter = bufio.NewWriter(&outputBuffer) // ensure all data is written to buffer before further validation @@ -117,7 +117,7 @@ func innerTestLicensePolicyList(t *testing.T, testInfo *LicenseTestInfo) (output } // Perform the test with buffered output - outputBuffer, err = innerTestLicensePolicyListCustomAndBuffered(t, testInfo, whereFilters) + outputBuffer, err = innerTestLicensePolicyListCustomAndBuffered(testInfo, whereFilters) // Run all common tests against "result" values in the CommonTestInfo struct err = innerRunReportResultTests(t, &testInfo.CommonTestInfo, outputBuffer, err) diff --git a/cmd/license_test.go b/cmd/license_test.go index 9826ca32..27b27dc8 100644 --- a/cmd/license_test.go +++ b/cmd/license_test.go @@ -207,28 +207,28 @@ func TestLicenseListCdx14JsonNoneFound(t *testing.T) { func TestLicenseListCdx13CsvNoneFound(t *testing.T) { // Test CDX 1.3 document lti := NewLicenseTestInfo(TEST_LICENSE_LIST_CDX_1_3_NONE_FOUND, FORMAT_CSV, false) - lti.ResultExpectedLineCount = 2 // title only + newline + lti.ResultExpectedLineCount = 13 // title only + 11 UNDEFINED + newline innerTestLicenseList(t, lti) } func TestLicenseListCdx14CsvNoneFound(t *testing.T) { // Test CDX 1.4 document lti := NewLicenseTestInfo(TEST_LICENSE_LIST_CDX_1_4_NONE_FOUND, FORMAT_CSV, false) - lti.ResultExpectedLineCount = 2 // title only + newline + lti.ResultExpectedLineCount = 4 // title only + 2 UNDEFINED + newline innerTestLicenseList(t, lti) } func TestLicenseListCdx13MarkdownNoneFound(t *testing.T) { // Test CDX 1.3 document lti := NewLicenseTestInfo(TEST_LICENSE_LIST_CDX_1_3_NONE_FOUND, FORMAT_MARKDOWN, false) - lti.ResultExpectedLineCount = 3 // title and separator rows + newline + lti.ResultExpectedLineCount = 14 // title only + alignment row + 11 UNDEFINED + newline innerTestLicenseList(t, lti) } func TestLicenseListCdx14MarkdownNoneFound(t *testing.T) { // Test CDX 1.4 document lti := NewLicenseTestInfo(TEST_LICENSE_LIST_CDX_1_4_NONE_FOUND, FORMAT_MARKDOWN, false) - lti.ResultExpectedLineCount = 3 // title and separator rows + + newline + lti.ResultExpectedLineCount = 5 // title + alignment row + 2 UNDEFINED + newline innerTestLicenseList(t, lti) } @@ -244,6 +244,16 @@ func TestLicenseListCdx13Json(t *testing.T) { verifyFileLineCountAndIndentation(t, buffer, <i.CommonTestInfo) } +// NOTE: non-summary +func TestLicenseListCdx13Text(t *testing.T) { + lti := NewLicenseTestInfo(TEST_LICENSE_LIST_CDX_1_3, FORMAT_TEXT, false) + // lti.ResultExpectedLineCount = 93 // array of LicenseChoice JSON objects + newline + // lti.OutputIndent = 6 + // lti.ResultExpectedIndentLength = int(lti.OutputIndent) + // lti.ResultExpectedIndentAtLineNum = 1 + innerTestLicenseList(t, lti) +} + //--------------------------- // Summary flag tests //--------------------------- @@ -267,8 +277,8 @@ func TestLicenseListSummaryCdx13Csv(t *testing.T) { innerTestLicenseList(t, lti) } -func TestLicenseListTextSummaryCdx14ContainsUndefined(t *testing.T) { - lti := NewLicenseTestInfo(TEST_LICENSE_LIST_CDX_1_4_NONE_FOUND, FORMAT_DEFAULT, true) +func TestLicenseListTextSummaryCdx14TextContainsUndefined(t *testing.T) { + lti := NewLicenseTestInfo(TEST_LICENSE_LIST_CDX_1_4_NONE_FOUND, FORMAT_TEXT, true) lti.ResultExpectedLineCount = 5 // 2 title, 2 with UNDEFINED + newline unknownLCValue := schema.GetLicenseChoiceTypeName(schema.LC_LOC_UNKNOWN) lti.ResultLineContainsValues = []string{schema.POLICY_UNDEFINED, unknownLCValue, LICENSE_NO_ASSERTION, "package-lock.json"} diff --git a/cmd/patch.go b/cmd/patch.go index cbe25d5c..0d5ba935 100644 --- a/cmd/patch.go +++ b/cmd/patch.go @@ -54,7 +54,7 @@ var PATCH_OUTPUT_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_HELP + strings.Join([]string{FORMAT_JSON}, ", ") // Command PreRunE helper function to test for patch file -func preRunTestForPatchFile(cmd *cobra.Command, args []string) error { +func preRunTestForPatchFile(args []string) error { getLogger().Enter() defer getLogger().Exit() getLogger().Tracef("args: %v", args) @@ -77,11 +77,11 @@ func NewCommandPatch() *cobra.Command { command.RunE = patchCmdImpl command.PreRunE = func(cmd *cobra.Command, args []string) (err error) { // Test for required flags (parameters) - err = preRunTestForInputFile(cmd, args) + err = preRunTestForInputFile(args) if err != nil { return } - err = preRunTestForPatchFile(cmd, args) + err = preRunTestForPatchFile(args) if err != nil { return } diff --git a/cmd/patch_test.go b/cmd/patch_test.go index 96580c93..ea1b069d 100644 --- a/cmd/patch_test.go +++ b/cmd/patch_test.go @@ -144,7 +144,7 @@ func innerTestPatch(t *testing.T, testInfo *PatchTestInfo) (outputBuffer bytes.B } // invoke resource list command with a byte buffer - outputBuffer, err = innerBufferedTestPatch(t, testInfo) + outputBuffer, err = innerBufferedTestPatch(testInfo) // if the command resulted in a failure if err != nil { // if tests asks us to report a FAIL to the test framework @@ -159,7 +159,7 @@ func innerTestPatch(t *testing.T, testInfo *PatchTestInfo) (outputBuffer bytes.B return } -func innerBufferedTestPatch(t *testing.T, testInfo *PatchTestInfo) (outputBuffer bytes.Buffer, err error) { +func innerBufferedTestPatch(testInfo *PatchTestInfo) (outputBuffer bytes.Buffer, err error) { // The command looks for the input & output filename in global flags struct utils.GlobalFlags.PersistentFlags.InputFile = testInfo.InputFile diff --git a/cmd/query.go b/cmd/query.go index 7a612e7d..6b71cb51 100644 --- a/cmd/query.go +++ b/cmd/query.go @@ -62,7 +62,7 @@ func NewCommandQuery() *cobra.Command { command.Long = "SQL-like query (i.e. SELECT x,y FROM a.b.c WHERE x=) of JSON objects and specified fields from SBOM (JSON) document." command.RunE = queryCmdImpl command.PreRunE = func(cmd *cobra.Command, args []string) error { - return preRunTestForInputFile(cmd, args) + return preRunTestForInputFile(args) } initCommandQuery(command) return command diff --git a/cmd/query_test.go b/cmd/query_test.go index 30e6ba42..0ed40ae4 100644 --- a/cmd/query_test.go +++ b/cmd/query_test.go @@ -61,7 +61,7 @@ func innerQuery(t *testing.T, cti *CommonTestInfo, queryRequest *common.QueryReq // allocate response/result object and invoke query var queryResponse = new(common.QueryResponse) - resultJson, outputBuffer, err = innerBufferedTestQuery(t, cti, queryRequest, queryResponse) + resultJson, outputBuffer, err = innerBufferedTestQuery(cti, queryRequest, queryResponse) // if the command resulted in a failure if err != nil { @@ -83,7 +83,7 @@ func innerQuery(t *testing.T, cti *CommonTestInfo, queryRequest *common.QueryReq return } -func innerBufferedTestQuery(t *testing.T, testInfo *CommonTestInfo, queryRequest *common.QueryRequest, queryResponse *common.QueryResponse) (resultJson interface{}, outputBuffer bytes.Buffer, err error) { +func innerBufferedTestQuery(testInfo *CommonTestInfo, queryRequest *common.QueryRequest, queryResponse *common.QueryResponse) (resultJson interface{}, outputBuffer bytes.Buffer, err error) { // The command looks for the input & output filename in global flags struct utils.GlobalFlags.PersistentFlags.InputFile = testInfo.InputFile diff --git a/cmd/report.go b/cmd/report.go index a3718fd1..d16209b3 100644 --- a/cmd/report.go +++ b/cmd/report.go @@ -39,22 +39,13 @@ const ( REPORT_LIST_VALUE_NONE = "none" ) -// Text report helpers -func createTitleTextSeparators(titles []string) (separatorLine []string) { - var underline string - for _, title := range titles { - underline = strings.Repeat(REPORT_LIST_TITLE_ROW_SEPARATOR, len(title)) - separatorLine = append(separatorLine, underline) - } - return -} - // Markdown report helpers const ( MD_COLUMN_SEPARATOR = "|" MD_ALIGN_LEFT = ":--" MD_ALIGN_CENTER = "-:-" MD_ALIGN_RIGHT = "--:" + MD_ALIGN_DEFAULT = MD_ALIGN_LEFT ) // Helper function in case displayed table columns become too wide @@ -69,9 +60,15 @@ func truncateString(value string, maxLength int, showDetail bool) string { return value } -func createMarkdownColumnAlignment(titles []string) (alignment []string) { - for range titles { - alignment = append(alignment, MD_ALIGN_LEFT) +// TODO: Allow column format data to include MD_ALIGN_xxx values +func createMarkdownColumnAlignmentRow(columns []ColumnFormatData, summarizedReport bool) (alignment []string) { + for _, column := range columns { + // if it is a summary report being created, but the column is not marked summary data + if summarizedReport && !column.IsSummaryData { + continue // skip to next column + } + // it is summary colum data, include it in the alignment row formatting + alignment = append(alignment, MD_ALIGN_DEFAULT) } return } @@ -93,7 +90,6 @@ func processWhereFlag(cmd *cobra.Command) (whereFilters []common.WhereFilter, er } whereFilters, err = retrieveWhereFilters(whereValues) - return } @@ -166,7 +162,9 @@ func wrapTableRowText(maxChars int, joinChar string, columns ...interface{}) (ta // Report column data values const REPORT_SUMMARY_DATA_TRUE = true +const REPORT_SUMMARY_DATA_FALSE = false const REPORT_REPLACE_LINE_FEEDS_TRUE = true +const REPORT_REPLACE_LINE_FEEDS_FALSE = false const DEFAULT_COLUMN_TRUNCATE_LENGTH = -1 // TODO: Support additional flags to: @@ -174,17 +172,30 @@ const DEFAULT_COLUMN_TRUNCATE_LENGTH = -1 // - provide "empty" value to display in column (e.g., "none" or "UNDEFINED") // - inform how to "summarize" (e.g., show-first-only) data if data type is a slice (e.g., []string) // NOTE: if only a subset of entries are shown on a summary, an indication of (x) entries could be shown as well +// - Support Markdown column alignment (e.g., MD_ALIGN_xxx values) type ColumnFormatData struct { DataKey string // Note: data key is the column label (where possible) DefaultTruncateLength int // truncate data when `--format txt` IsSummaryData bool // include in `--summary` reports ReplaceLineFeeds bool // replace line feeds with spaces (e.g., for multi-line descriptions) + Alignment string } -func prepareReportTitleData(formatData []ColumnFormatData, summarizedReport bool) (titleData []string, separatorData []string) { +func NewColumnFormatData(key string, truncateLen int, isSummary bool, replaceLineFeeds bool) (foo *ColumnFormatData) { + foo = new(ColumnFormatData) + foo.DataKey = key + foo.DefaultTruncateLength = truncateLen + foo.IsSummaryData = isSummary + foo.ReplaceLineFeeds = replaceLineFeeds + return +} - var underline string +func (data *ColumnFormatData) SetAlignment(alignment string) { + data.Alignment = alignment +} +func prepareReportTitleData(formatData []ColumnFormatData, summarizedReport bool) (titleData []string, separatorData []string) { + var underline string for _, columnData := range formatData { // if the report we are preparing is a summarized one (i.e., --summary true) @@ -197,7 +208,6 @@ func prepareReportTitleData(formatData []ColumnFormatData, summarizedReport bool underline = strings.Repeat(REPORT_LIST_TITLE_ROW_SEPARATOR, len(columnData.DataKey)) separatorData = append(separatorData, underline) } - return } @@ -223,10 +233,13 @@ func prepareReportLineData(structIn interface{}, formatData []ColumnFormatData, data, dataFound = mapStruct[columnData.DataKey] if !dataFound { - err = getLogger().Errorf("data not found in structure: key: `%s`", columnData.DataKey) - return + // TODO: change back? + getLogger().Errorf("data not found in structure: key: `%s`", columnData.DataKey) + data = "" + //return } + //fmt.Printf("data: `%v` (%T)\n", data, data) switch typedData := data.(type) { case string: // replace line feeds with spaces in description diff --git a/cmd/resource.go b/cmd/resource.go index a913dad1..dd174372 100644 --- a/cmd/resource.go +++ b/cmd/resource.go @@ -42,31 +42,19 @@ var VALID_SUBCOMMANDS_RESOURCE = []string{SUBCOMMAND_RESOURCE_LIST} // filter keys // Note: these string values MUST match annotations for the ResourceInfo struct fields const ( - RESOURCE_FILTER_KEY_TYPE = "type" - RESOURCE_FILTER_KEY_NAME = "name" - RESOURCE_FILTER_KEY_VERSION = "version" - RESOURCE_FILTER_KEY_BOMREF = "bom-ref" + RESOURCE_FILTER_KEY_RESOURCE_TYPE = "resource-type" + RESOURCE_FILTER_KEY_NAME = "name" + RESOURCE_FILTER_KEY_VERSION = "version" + RESOURCE_FILTER_KEY_BOMREF = "bom-ref" + RESOURCE_FILTER_KEY_GROUP = "group" + RESOURCE_FILTER_KEY_DESCRIPTION = "description" ) -var VALID_RESOURCE_FILTER_KEYS = []string{ - RESOURCE_FILTER_KEY_TYPE, - RESOURCE_FILTER_KEY_NAME, - RESOURCE_FILTER_KEY_VERSION, - RESOURCE_FILTER_KEY_BOMREF, -} - -var RESOURCE_LIST_TITLES = []string{ - RESOURCE_FILTER_KEY_TYPE, - RESOURCE_FILTER_KEY_NAME, - RESOURCE_FILTER_KEY_VERSION, - RESOURCE_FILTER_KEY_BOMREF, -} - var RESOURCE_LIST_ROW_DATA = []ColumnFormatData{ - {RESOURCE_FILTER_KEY_TYPE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {RESOURCE_FILTER_KEY_NAME, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {RESOURCE_FILTER_KEY_VERSION, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {RESOURCE_FILTER_KEY_BOMREF, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, REPORT_REPLACE_LINE_FEEDS_TRUE}, + *NewColumnFormatData(RESOURCE_FILTER_KEY_RESOURCE_TYPE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(RESOURCE_FILTER_KEY_NAME, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(RESOURCE_FILTER_KEY_VERSION, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(RESOURCE_FILTER_KEY_BOMREF, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, REPORT_REPLACE_LINE_FEEDS_TRUE), } // Flags. Reuse query flag values where possible @@ -90,8 +78,8 @@ var RESOURCE_LIST_OUTPUT_SUPPORTED_FORMATS = MSG_SUPPORTED_OUTPUT_FORMATS_HELP + func NewCommandResource() *cobra.Command { var command = new(cobra.Command) command.Use = CMD_USAGE_RESOURCE_LIST - command.Short = "Report on resources found in BOM input file" - command.Long = "Report on resources found in BOM input file" + command.Short = "Report on resources (i.e., components, services) found in the BOM input file" + command.Long = "Report on resources (i.e., components, services) found in the BOM input file" command.Flags().StringVarP(&utils.GlobalFlags.PersistentFlags.OutputFormat, FLAG_FILE_OUTPUT_FORMAT, "", FORMAT_TEXT, FLAG_RESOURCE_OUTPUT_FORMAT_HELP+RESOURCE_LIST_OUTPUT_SUPPORTED_FORMATS) command.Flags().StringP(FLAG_RESOURCE_TYPE, "", schema.RESOURCE_TYPE_DEFAULT, FLAG_RESOURCE_TYPE_HELP) @@ -106,7 +94,7 @@ func NewCommandResource() *cobra.Command { // Make sure (optional) subcommand is known/valid if len(args) == 1 { - if !preRunTestForSubcommand(command, VALID_SUBCOMMANDS_RESOURCE, args[0]) { + if !preRunTestForSubcommand(VALID_SUBCOMMANDS_RESOURCE, args[0]) { return getLogger().Errorf("Subcommand provided is not valid: `%v`", args[0]) } } @@ -116,7 +104,7 @@ func NewCommandResource() *cobra.Command { } // Test for required flags (parameters) - err = preRunTestForInputFile(cmd, args) + err = preRunTestForInputFile(args) return } @@ -201,7 +189,7 @@ func ListResources(writer io.Writer, persistentFlags utils.PersistentCommandFlag return } - // Hash all licenses within input file + // Hash all resources (i.e., components, services for now) within input file getLogger().Infof("Scanning document for licenses...") err = loadDocumentResources(document, resourceFlags.ResourceType, whereFilters) @@ -269,8 +257,8 @@ func sortResources(entries []multimap.Entry) { sort.Slice(entries, func(i, j int) bool { resource1 := (entries[i].Value).(schema.CDXResourceInfo) resource2 := (entries[j].Value).(schema.CDXResourceInfo) - if resource1.Type != resource2.Type { - return resource1.Type < resource2.Type + if resource1.ResourceType != resource2.ResourceType { + return resource1.ResourceType < resource2.ResourceType } return resource1.Name < resource2.Name }) @@ -290,7 +278,7 @@ func DisplayResourceListText(bom *schema.BOM, writer io.Writer) (err error) { w.Init(writer, 8, 2, 2, ' ', 0) // create title row and underline row from slices of optional and compulsory titles - titles, underlines := prepareReportTitleData(RESOURCE_LIST_ROW_DATA, true) + titles, underlines := prepareReportTitleData(RESOURCE_LIST_ROW_DATA, false) // Add tabs between column titles for the tabWRiter fmt.Fprintf(w, "%s\n", strings.Join(titles, "\t")) @@ -335,7 +323,7 @@ func DisplayResourceListCSV(bom *schema.BOM, writer io.Writer) (err error) { defer w.Flush() // Create title row data as []string - titles, _ := prepareReportTitleData(RESOURCE_LIST_ROW_DATA, true) + titles, _ := prepareReportTitleData(RESOURCE_LIST_ROW_DATA, false) if err = w.Write(titles); err != nil { return getLogger().Errorf("error writing to output (%v): %s", titles, err) @@ -380,15 +368,13 @@ func DisplayResourceListMarkdown(bom *schema.BOM, writer io.Writer) (err error) getLogger().Enter() defer getLogger().Exit() - // Create title row data as []string + // Create title row data as []string, include all columns that are flagged "summary" data titles, _ := prepareReportTitleData(RESOURCE_LIST_ROW_DATA, true) - - // create title row titleRow := createMarkdownRow(titles) fmt.Fprintf(writer, "%s\n", titleRow) - // create alignment row - alignments := createMarkdownColumnAlignment(RESOURCE_LIST_TITLES) + // create alignment row, include all columns that are flagged "summary" data + alignments := createMarkdownColumnAlignmentRow(RESOURCE_LIST_ROW_DATA, true) alignmentRow := createMarkdownRow(alignments) fmt.Fprintf(writer, "%s\n", alignmentRow) @@ -404,7 +390,6 @@ func DisplayResourceListMarkdown(bom *schema.BOM, writer io.Writer) (err error) // Sort resources prior to outputting sortResources(entries) - //var resourceInfo schema.CDXResourceInfo var line []string var lineRow string for _, entry := range entries { diff --git a/cmd/resource_test.go b/cmd/resource_test.go index f8f8efc2..51a58677 100644 --- a/cmd/resource_test.go +++ b/cmd/resource_test.go @@ -71,7 +71,7 @@ func NewResourceTestInfoBasic(inputFile string, listFormat string, resultExpecte // ------------------------------------------- // resource list test helper functions // ------------------------------------------- -func innerBufferedTestResourceList(t *testing.T, testInfo *ResourceTestInfo, whereFilters []common.WhereFilter) (outputBuffer bytes.Buffer, err error) { +func innerBufferedTestResourceList(testInfo *ResourceTestInfo, whereFilters []common.WhereFilter) (outputBuffer bytes.Buffer, err error) { // Declare an output outputBuffer/outputWriter to use used during tests var outputWriter = bufio.NewWriter(&outputBuffer) // ensure all data is written to buffer before further validation @@ -113,7 +113,7 @@ func innerTestResourceList(t *testing.T, testInfo *ResourceTestInfo) (outputBuff } // invoke resource list command with a byte buffer - outputBuffer, err = innerBufferedTestResourceList(t, testInfo, whereFilters) + outputBuffer, err = innerBufferedTestResourceList(testInfo, whereFilters) // Run all common tests against "result" values in the CommonTestInfo struct err = innerRunReportResultTests(t, &testInfo.CommonTestInfo, outputBuffer, err) diff --git a/cmd/root.go b/cmd/root.go index ad124cae..e0fe488d 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -37,6 +37,7 @@ var SupportedFormatConfig schema.BOMFormatAndSchemaConfig // top-level commands const ( + CMD_COMPONENT = "component" CMD_DIFF = "diff" CMD_LICENSE = "license" CMD_QUERY = "query" @@ -53,16 +54,17 @@ const ( // WARNING!!! The ".Use" field of a Cobra command MUST have the first word be the actual command // otherwise, the command will NOT be found by the Cobra framework. This is poor code assumption is NOT documented. const ( + CMD_USAGE_COMPONENT_LIST = CMD_COMPONENT + " " + SUBCOMMAND_LICENSE_LIST + " --input-file [--type type1[,typeN]>] [--where key=regex[,...]] [--format txt|csv|md]" CMD_USAGE_DIFF = CMD_DIFF + " --input-file --input-revision [--format json|txt] [--colorize=true|false]" CMD_USAGE_LICENSE_LIST = SUBCOMMAND_LICENSE_LIST + " --input-file [--summary] [--where key=regex[,...]] [--format json|txt|csv|md]" CMD_USAGE_LICENSE_POLICY = SUBCOMMAND_LICENSE_POLICY + " [--where key=regex[,...]] [--format txt|csv|md]" - CMD_USAGE_QUERY = CMD_QUERY + " --input-file [--select * | field1[,fieldN]] [--from [key1[.keyN]] [--where key=regex[,...]]" + CMD_USAGE_QUERY = CMD_QUERY + " --input-file [--select * | field1[,fieldN]] [--from key1[.keyN]] [--where key=regex[,...]]" CMD_USAGE_RESOURCE_LIST = CMD_RESOURCE + " --input-file [--type component|service] [--where key=regex[,...]] [--format txt|csv|md]" CMD_USAGE_SCHEMA_LIST = CMD_SCHEMA + " [--where key=regex[,...]] [--format txt|csv|md]" CMD_USAGE_VALIDATE = CMD_VALIDATE + " --input-file [--variant ] [--format txt|json] [--force schema_file]" CMD_USAGE_VULNERABILITY_LIST = CMD_VULNERABILITY + " " + SUBCOMMAND_VULNERABILITY_LIST + " --input-file [--summary] [--where key=regex[,...]] [--format json|txt|csv|md]" CMD_USAGE_STATS_LIST = CMD_STATS + " --input-file [--type component|service] [--format txt|csv|md]" - CMD_USAGE_TRIM = CMD_TRIM + " --input-file --output-file " + CMD_USAGE_TRIM = CMD_TRIM + " --input-file --output-file [--normalize]" CMD_USAGE_PATCH = CMD_PATCH + " --input-file --patch-file --output-file " ) @@ -207,6 +209,7 @@ func init() { rootCmd.AddCommand(NewCommandDiff()) rootCmd.AddCommand(NewCommandTrim()) rootCmd.AddCommand(NewCommandPatch()) + rootCmd.AddCommand(NewCommandComponent()) // TODO: when fully implemented uncomment: //rootCmd.AddCommand(NewCommandStats()) @@ -288,7 +291,7 @@ func Execute() { } // Command PreRunE helper function to test for input file -func preRunTestForInputFile(cmd *cobra.Command, args []string) error { +func preRunTestForInputFile(args []string) error { getLogger().Enter() defer getLogger().Exit() getLogger().Tracef("args: %v", args) @@ -307,7 +310,7 @@ func preRunTestForInputFile(cmd *cobra.Command, args []string) error { // TODO: when the package "golang.org/x/exp/slices" is graduated from "experimental", replace // for loop with the "Contains" method. -func preRunTestForSubcommand(cmd *cobra.Command, validSubcommands []string, subcommand string) bool { +func preRunTestForSubcommand(validSubcommands []string, subcommand string) bool { getLogger().Enter() defer getLogger().Exit() getLogger().Tracef("subcommands: %v, subcommand: `%v`", validSubcommands, subcommand) diff --git a/cmd/root_test.go b/cmd/root_test.go index e1eafa37..2efebdc3 100644 --- a/cmd/root_test.go +++ b/cmd/root_test.go @@ -269,7 +269,7 @@ func bufferLineContainsValues(buffer bytes.Buffer, lineNum int, values ...string for curLineNum, line := range lines { - // if ths is a line we need to test + // if this is a line we need to test if lineNum == RESULT_LINE_CONTAINS_ANY || curLineNum == lineNum { // test that all values occur in the current line for iValue, value := range values { diff --git a/cmd/schema.go b/cmd/schema.go index d5402a2b..72678f5f 100644 --- a/cmd/schema.go +++ b/cmd/schema.go @@ -58,12 +58,12 @@ const ( // NOTE: columns will be output in order they are listed here: var SCHEMA_LIST_ROW_DATA = []ColumnFormatData{ - {SCHEMA_DATA_KEY_KEY_NAME, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {SCHEMA_DATA_KEY_KEY_VARIANT, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {SCHEMA_DATA_KEY_KEY_FORMAT, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {SCHEMA_DATA_KEY_KEY_VERSION, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {SCHEMA_DATA_KEY_KEY_FILE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {SCHEMA_DATA_KEY_KEY_SOURCE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, + *NewColumnFormatData(SCHEMA_DATA_KEY_KEY_NAME, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(SCHEMA_DATA_KEY_KEY_VARIANT, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(SCHEMA_DATA_KEY_KEY_FORMAT, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(SCHEMA_DATA_KEY_KEY_VERSION, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(SCHEMA_DATA_KEY_KEY_FILE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(SCHEMA_DATA_KEY_KEY_SOURCE, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), } // Command help formatting @@ -90,7 +90,7 @@ func NewCommandSchema() *cobra.Command { // Make sure (optional) subcommand is known/valid if len(args) == 1 { - if !preRunTestForSubcommand(command, VALID_SUBCOMMANDS_SCHEMA, args[0]) { + if !preRunTestForSubcommand(VALID_SUBCOMMANDS_SCHEMA, args[0]) { return getLogger().Errorf("Subcommand provided is not valid: `%v`", args[0]) } } @@ -123,18 +123,15 @@ func schemaCmdImpl(cmd *cobra.Command, args []string) (err error) { // process filters supplied on the --where command flag whereFilters, err := processWhereFlag(cmd) - if err != nil { return } err = ListSchemas(writer, utils.GlobalFlags.PersistentFlags, whereFilters) - return } func flattenFormatSchemas(sliceFormatSchemas []schema.FormatSchema) (flattenedFormatSchemas []schema.FormatSchemaInstance) { - for _, format := range sliceFormatSchemas { for _, schema := range format.Schemas { schema.Format = format.CanonicalName @@ -155,7 +152,6 @@ func filterFormatSchemas(whereFilters []common.WhereFilter) (filteredFormats []s sliceSchemas := flattenFormatSchemas(sliceFormats) for _, schema := range sliceSchemas { - var match bool = true if len(whereFilters) > 0 { @@ -169,9 +165,7 @@ func filterFormatSchemas(whereFilters []common.WhereFilter) (filteredFormats []s getLogger().Tracef("append: %s\n", schema.Name) } - } - return } @@ -191,7 +185,6 @@ func sortFormatSchemaInstances(filteredSchemas []schema.FormatSchemaInstance) [] return schema1.Variant < schema2.Variant }) - return filteredSchemas } @@ -256,22 +249,23 @@ func DisplaySchemasTabbedText(writer io.Writer, filteredSchemas []schema.FormatS // Sort by Format, Version, Variant filteredSchemas = sortFormatSchemaInstances(filteredSchemas) - // Emit rows + // Emit row data + var line []string for _, schemaInstance := range filteredSchemas { - - fmt.Fprintf(w, "%v\t%s\t%s\t%s\t%s\t%s\n", - schemaInstance.Name, - schema.FormatSchemaVariant(schemaInstance.Variant), - schemaInstance.Format, - schemaInstance.Version, - schemaInstance.File, - schemaInstance.Url, + // Supply variant name "latest" (the default name), if not otherwise declared in schema definition + schemaInstance.Variant = schema.FormatSchemaVariant(schemaInstance.Variant) + line, err = prepareReportLineData( + schemaInstance, + SCHEMA_LIST_ROW_DATA, + true, ) + // Only emit line if no error + if err != nil { + return + } + fmt.Fprintf(w, "%s\n", strings.Join(line, "\t")) } - - // Always end on a newline - fmt.Fprintln(w, "") - return nil + return } // TODO: Add a --no-title flag to skip title output @@ -279,12 +273,14 @@ func DisplaySchemasMarkdown(writer io.Writer, filteredSchemas []schema.FormatSch getLogger().Enter() defer getLogger().Exit() - // create title row and alignment row from slices of optional and compulsory titles - titles, _ := prepareReportTitleData(SCHEMA_LIST_ROW_DATA, false) + // Create title row data as []string, include all columns that are flagged "summary" data + titles, _ := prepareReportTitleData(SCHEMA_LIST_ROW_DATA, true) titleRow := createMarkdownRow(titles) - alignments := createMarkdownColumnAlignment(titles) - alignmentRow := createMarkdownRow(alignments) fmt.Fprintf(writer, "%s\n", titleRow) + + // create alignment row, include all columns that are flagged "summary" data + alignments := createMarkdownColumnAlignmentRow(SCHEMA_LIST_ROW_DATA, true) + alignmentRow := createMarkdownRow(alignments) fmt.Fprintf(writer, "%s\n", alignmentRow) // Emit no schemas found warning into output @@ -293,27 +289,23 @@ func DisplaySchemasMarkdown(writer io.Writer, filteredSchemas []schema.FormatSch return fmt.Errorf(MSG_OUTPUT_NO_SCHEMAS_FOUND) } - var line []string - var lineRow string - // Sort by Format, Version, Variant filteredSchemas = sortFormatSchemaInstances(filteredSchemas) - // Emit rows + var line []string + var lineRow string for _, schemaInstance := range filteredSchemas { - - // reset current line - line = nil - - line = append(line, - schemaInstance.Name, - schema.FormatSchemaVariant(schemaInstance.Variant), - schemaInstance.Format, - schemaInstance.Version, - schemaInstance.File, - schemaInstance.Url, + // Supply variant name "latest" (the default name), if not otherwise declared in schema definition + schemaInstance.Variant = schema.FormatSchemaVariant(schemaInstance.Variant) + line, err = prepareReportLineData( + schemaInstance, + SCHEMA_LIST_ROW_DATA, + true, ) - + // Only emit line if no error + if err != nil { + return + } lineRow = createMarkdownRow(line) fmt.Fprintf(writer, "%s\n", lineRow) } @@ -345,28 +337,25 @@ func DisplaySchemasCSV(writer io.Writer, filteredSchemas []schema.FormatSchemaIn return fmt.Errorf(currentRow[0]) } - var line []string - // Sort by Format, Version, Variant filteredSchemas = sortFormatSchemaInstances(filteredSchemas) - // Emit rows + var line []string for _, schemaInstance := range filteredSchemas { - - line = nil - line = append(line, - schemaInstance.Name, - schema.FormatSchemaVariant(schemaInstance.Variant), - schemaInstance.Format, - schemaInstance.Version, - schemaInstance.File, - schemaInstance.Url, - ) - + // Supply variant name "latest" (the default name), if not otherwise declared in schema definition + schemaInstance.Variant = schema.FormatSchemaVariant(schemaInstance.Variant) + line, err = prepareReportLineData( + schemaInstance, + SCHEMA_LIST_ROW_DATA, + true) + + // Only emit line if no error + if err != nil { + return + } if err = w.Write(line); err != nil { - return getLogger().Errorf("error writing to output (%v): %s", line, err) + err = getLogger().Errorf("csv.Write: %w", err) } } - return } diff --git a/cmd/schema_test.go b/cmd/schema_test.go index 2f0770ec..a674a31e 100644 --- a/cmd/schema_test.go +++ b/cmd/schema_test.go @@ -31,7 +31,7 @@ import ( // resource list test helper functions // ------------------------------------------- -func innerBufferedTestSchemaList(t *testing.T, pTestInfo *CommonTestInfo, whereFilters []common.WhereFilter) (outputBuffer bytes.Buffer, err error) { +func innerBufferedTestSchemaList(pTestInfo *CommonTestInfo, whereFilters []common.WhereFilter) (outputBuffer bytes.Buffer, err error) { // Declare an output outputBuffer/outputWriter to use used during tests var outputWriter = bufio.NewWriter(&outputBuffer) // ensure all data is written to buffer before further validation @@ -53,7 +53,7 @@ func innerTestSchemaList(t *testing.T, pTestInfo *CommonTestInfo) (outputBuffer } // invoke resource list command with a byte buffer - outputBuffer, err = innerBufferedTestSchemaList(t, pTestInfo, whereFilters) + outputBuffer, err = innerBufferedTestSchemaList(pTestInfo, whereFilters) // Run all common tests against "result" values in the CommonTestInfo struct err = innerRunReportResultTests(t, pTestInfo, outputBuffer, err) diff --git a/cmd/stats.go b/cmd/stats.go index b92c0edb..b456c97a 100644 --- a/cmd/stats.go +++ b/cmd/stats.go @@ -44,7 +44,7 @@ func NewCommandStats() *cobra.Command { // TODO: command.ValidArgs = VALID_SUBCOMMANDS_S command.PreRunE = func(cmd *cobra.Command, args []string) (err error) { // Test for required flags (parameters) - err = preRunTestForInputFile(cmd, args) + err = preRunTestForInputFile(args) return } return command @@ -212,13 +212,6 @@ func DisplayStatsText(bom *schema.BOM, writer io.Writer) { // min-width, tab-width, padding, pad-char, flags w.Init(writer, 8, 2, 2, ' ', 0) - // create underline row from compulsory titles - underlines := createTitleTextSeparators(RESOURCE_LIST_TITLES) - - // Add tabs between column titles for the tabWRiter - fmt.Fprintf(w, "%s\n", strings.Join(RESOURCE_LIST_TITLES, "\t")) - fmt.Fprintf(w, "%s\n", strings.Join(underlines, "\t")) - // Display a warning "missing" in the actual output and return (short-circuit) entries := bom.ResourceMap.Entries() @@ -232,8 +225,8 @@ func DisplayStatsText(bom *schema.BOM, writer io.Writer) { sort.Slice(entries, func(i, j int) bool { resource1 := (entries[i].Value).(schema.CDXResourceInfo) resource2 := (entries[j].Value).(schema.CDXResourceInfo) - if resource1.Type != resource2.Type { - return resource1.Type < resource2.Type + if resource1.ResourceType != resource2.ResourceType { + return resource1.ResourceType < resource2.ResourceType } return resource1.Name < resource2.Name @@ -247,7 +240,7 @@ func DisplayStatsText(bom *schema.BOM, writer io.Writer) { // Format line and write to output fmt.Fprintf(w, "%s\t%s\t%s\t%s\n", - resourceInfo.Type, + resourceInfo.ResourceType, resourceInfo.Name, resourceInfo.Version, resourceInfo.BOMRef) diff --git a/cmd/stats_test.go b/cmd/stats_test.go index 05dc6d87..77a6e072 100644 --- a/cmd/stats_test.go +++ b/cmd/stats_test.go @@ -68,7 +68,7 @@ func innerBufferedTestStatsList(testInfo *StatsTestInfo) (outputBuffer bytes.Buf return } -func innerTestStatsList(t *testing.T, testInfo *StatsTestInfo) (outputBuffer bytes.Buffer, basicTestInfo string, err error) { +func innerTestStatsList(testInfo *StatsTestInfo) (outputBuffer bytes.Buffer, basicTestInfo string, err error) { getLogger().Tracef("TestInfo: %s", testInfo) // The command looks for the input filename in global flags struct @@ -112,7 +112,7 @@ func TestStatsListFormatUnsupportedSPDXMinReq(t *testing.T) { ) // verify correct error is returned - innerTestStatsList(t, ti) + innerTestStatsList(ti) } // ------------------------------------------- @@ -126,5 +126,5 @@ func TestStatsCdx14SampleXXL1(t *testing.T) { ) // verify correct error is returned - innerTestStatsList(t, ti) + innerTestStatsList(ti) } diff --git a/cmd/trim.go b/cmd/trim.go index df6d7e2c..b2741cfb 100644 --- a/cmd/trim.go +++ b/cmd/trim.go @@ -60,7 +60,7 @@ func NewCommandTrim() *cobra.Command { command.RunE = trimCmdImpl command.PreRunE = func(cmd *cobra.Command, args []string) (err error) { // Test for required flags (parameters) - err = preRunTestForInputFile(cmd, args) + err = preRunTestForInputFile(args) return } initCommandTrimFlags(command) diff --git a/cmd/trim_test.go b/cmd/trim_test.go index 98b2430e..ba341c42 100644 --- a/cmd/trim_test.go +++ b/cmd/trim_test.go @@ -83,7 +83,7 @@ func innerTestTrim(t *testing.T, testInfo *TrimTestInfo) (outputBuffer bytes.Buf } // invoke resource list command with a byte buffer - outputBuffer, err = innerBufferedTestTrim(t, testInfo) + outputBuffer, err = innerBufferedTestTrim(testInfo) // if the command resulted in a failure if err != nil { // if tests asks us to report a FAIL to the test framework @@ -98,7 +98,7 @@ func innerTestTrim(t *testing.T, testInfo *TrimTestInfo) (outputBuffer bytes.Buf return } -func innerBufferedTestTrim(t *testing.T, testInfo *TrimTestInfo) (outputBuffer bytes.Buffer, err error) { +func innerBufferedTestTrim(testInfo *TrimTestInfo) (outputBuffer bytes.Buffer, err error) { // The command looks for the input & output filename in global flags struct utils.GlobalFlags.PersistentFlags.InputFile = testInfo.InputFile @@ -225,7 +225,7 @@ func TestTrimCdx14PreserveUnencodedChars(t *testing.T) { ti := NewTrimTestInfo(TEST_TRIM_CDX_1_4_ENCODED_CHARS, nil) ti.OutputFile = ti.CreateTemporaryTestOutputFilename(TEST_TRIM_CDX_1_4_ENCODED_CHARS) ti.Keys = append(ti.Keys, "name") - outputBuffer, _ := innerBufferedTestTrim(t, ti) + outputBuffer, _ := innerBufferedTestTrim(ti) TEST1 := "" TEST2 := "" @@ -247,7 +247,7 @@ func TestTrimCdx14ComponentPropertiesSampleXXLBuffered(t *testing.T) { ti := NewTrimTestInfo(TEST_TRIM_CDX_1_4_SAMPLE_XXL_1, nil) ti.Keys = append(ti.Keys, "properties") ti.ResultExpectedByteSize = 8121420 - outputBuffer, _ := innerBufferedTestTrim(t, ti) + outputBuffer, _ := innerBufferedTestTrim(ti) // verify "after" trim lengths and content have removed properties getLogger().Tracef("Len(outputBuffer): `%v`\n", outputBuffer.Len()) if ti.ResultExpectedByteSize > 0 { diff --git a/cmd/validate.go b/cmd/validate.go index 17bb7c7c..5a72ed25 100644 --- a/cmd/validate.go +++ b/cmd/validate.go @@ -82,7 +82,7 @@ func NewCommandValidate() *cobra.Command { command.Flags().StringVarP(&utils.GlobalFlags.PersistentFlags.OutputFormat, FLAG_FILE_OUTPUT_FORMAT, "", "", MSG_VALIDATE_FLAG_ERR_FORMAT+VALIDATE_SUPPORTED_ERROR_FORMATS) command.PreRunE = func(cmd *cobra.Command, args []string) error { - return preRunTestForInputFile(cmd, args) + return preRunTestForInputFile(args) } initCommandValidateFlags(command) return command diff --git a/cmd/validate_custom.go b/cmd/validate_custom.go index 2635ccba..0cddfe44 100644 --- a/cmd/validate_custom.go +++ b/cmd/validate_custom.go @@ -227,7 +227,8 @@ func validateLicenseData(document *schema.BOM, policyConfig *schema.LicensePolic // Now we need to validate that the input file contains licenses // the license "hash" function does this validation checking for us... // TODO support []WhereFilter - err = loadDocumentLicenses(document, policyConfig, nil) + // NOTE: licenseFlags will be all defaults (should not matter for simple true/false validation) + err = loadDocumentLicenses(document, policyConfig, nil, utils.GlobalFlags.LicenseFlags) if err != nil { return diff --git a/cmd/validate_format.go b/cmd/validate_format.go index 2d53f1b4..32593949 100644 --- a/cmd/validate_format.go +++ b/cmd/validate_format.go @@ -348,7 +348,7 @@ func DisplaySchemaErrorsCsv(writer io.Writer, errs []gojsonschema.ResultError, f // Emit title row if err := w.Write(VALIDATION_ERROR_TITLES); err != nil { - _ = getLogger().Errorf("error writing to output (%v): %s", LICENSE_LIST_TITLES_LICENSE_CHOICE, err) + _ = getLogger().Errorf("error writing to output (%v): %s", VALIDATION_ERROR_TITLES, err) return } diff --git a/cmd/validate_test.go b/cmd/validate_test.go index 640e53f0..9940344e 100644 --- a/cmd/validate_test.go +++ b/cmd/validate_test.go @@ -124,7 +124,6 @@ func innerTestValidate(t *testing.T, vti ValidateTestInfo) (document *schema.BOM // TODO: support additional tests on output buffer (e.g., format==valid JSON) isValid, document, schemaErrors, outputBuffer, actualError = innerValidateErrorBuffered( - t, utils.GlobalFlags.PersistentFlags, utils.GlobalFlags.ValidateFlags, ) @@ -178,7 +177,7 @@ func innerTestValidate(t *testing.T, vti ValidateTestInfo) (document *schema.BOM return } -func innerValidateErrorBuffered(t *testing.T, persistentFlags utils.PersistentCommandFlags, validationFlags utils.ValidateCommandFlags) (isValid bool, document *schema.BOM, schemaErrors []gojsonschema.ResultError, outputBuffer bytes.Buffer, err error) { +func innerValidateErrorBuffered(persistentFlags utils.PersistentCommandFlags, validationFlags utils.ValidateCommandFlags) (isValid bool, document *schema.BOM, schemaErrors []gojsonschema.ResultError, outputBuffer bytes.Buffer, err error) { // Declare an output outputBuffer/outputWriter to use used during tests var outputWriter = bufio.NewWriter(&outputBuffer) // ensure all data is written to buffer before further validation @@ -431,7 +430,7 @@ func TestValidateCdx14ErrorResultsFormatIriReferencesJson(t *testing.T) { // Test custom config.json (i.e., `--config-schema` flag) // ----------------------------------------------------------- -func loadCustomSchemaConfig(t *testing.T, filename string) (err error) { +func loadCustomSchemaConfig(filename string) (err error) { // Do not pass a default file, it should fail if custom policy cannot be loaded err = SupportedFormatConfig.InnerLoadSchemaConfigFile(filename, DEFAULT_SCHEMA_CONFIG) if err != nil { @@ -440,17 +439,17 @@ func loadCustomSchemaConfig(t *testing.T, filename string) (err error) { return } -func restoreEmbeddedDefaultSchemaConfig(t *testing.T) (err error) { - return loadCustomSchemaConfig(t, "") +func restoreEmbeddedDefaultSchemaConfig() (err error) { + return loadCustomSchemaConfig("") } func innerValidateCustomSchemaConfig(t *testing.T, filename string, configFile string, variant string, format string, expectedError error) (document *schema.BOM, schemaErrors []gojsonschema.ResultError, actualError error) { getLogger().Enter() defer getLogger().Exit() - loadCustomSchemaConfig(t, configFile) + loadCustomSchemaConfig(configFile) // !!!Important!!! MUST restore the embedded `config.json` to be used for all other tests - defer restoreEmbeddedDefaultSchemaConfig(t) + defer restoreEmbeddedDefaultSchemaConfig() vti := NewValidateTestInfo(TEST_CDX_1_4_MIN_REQUIRED, FORMAT_TEXT, variant, nil) document, schemaErrors, actualError = innerTestValidate(t, *vti) diff --git a/cmd/vulnerability.go b/cmd/vulnerability.go index f1b74781..bb61b4a4 100644 --- a/cmd/vulnerability.go +++ b/cmd/vulnerability.go @@ -64,19 +64,19 @@ const ( // NOTE: data marked as "summary" data is informed by the output from the NVD database service itself // this includes fields that have ISO 8601 date-time fields are truncated to show date only var VULNERABILITY_LIST_ROW_DATA = []ColumnFormatData{ - {VULN_DATA_KEY_ID, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {VULN_DATA_KEY_BOM_REF, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false}, - {VULN_DATA_KEY_CWES, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false}, - {VULN_DATA_KEY_CVSS_SEVERITY, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {VULN_DATA_KEY_SOURCE_NAME, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {VULN_DATA_KEY_SOURCE_URL, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false}, - {VULN_DATA_KEY_PUBLISHED, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false}, - {VULN_DATA_KEY_UPDATED, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false}, - {VULN_DATA_KEY_CREATED, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false}, - {VULN_DATA_KEY_REJECTED, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false}, - {VULN_DATA_KEY_ANALYSIS_STATE, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false}, - {VULN_DATA_KEY_ANALYSIS_JUSTIFICATION, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false}, - {VULN_DATA_KEY_DESC, VULN_TRUNCATE_DESC_LEN, REPORT_SUMMARY_DATA_TRUE, REPORT_REPLACE_LINE_FEEDS_TRUE}, + *NewColumnFormatData(VULN_DATA_KEY_ID, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(VULN_DATA_KEY_BOM_REF, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false), + *NewColumnFormatData(VULN_DATA_KEY_CWES, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false), + *NewColumnFormatData(VULN_DATA_KEY_CVSS_SEVERITY, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(VULN_DATA_KEY_SOURCE_NAME, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(VULN_DATA_KEY_SOURCE_URL, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false), + *NewColumnFormatData(VULN_DATA_KEY_PUBLISHED, DEFAULT_COLUMN_TRUNCATE_LENGTH, REPORT_SUMMARY_DATA_TRUE, false), + *NewColumnFormatData(VULN_DATA_KEY_UPDATED, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false), + *NewColumnFormatData(VULN_DATA_KEY_CREATED, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false), + *NewColumnFormatData(VULN_DATA_KEY_REJECTED, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false), + *NewColumnFormatData(VULN_DATA_KEY_ANALYSIS_STATE, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false), + *NewColumnFormatData(VULN_DATA_KEY_ANALYSIS_JUSTIFICATION, DEFAULT_COLUMN_TRUNCATE_LENGTH, false, false), + *NewColumnFormatData(VULN_DATA_KEY_DESC, VULN_TRUNCATE_DESC_LEN, REPORT_SUMMARY_DATA_TRUE, REPORT_REPLACE_LINE_FEEDS_TRUE), } // TODO make configurable via flag @@ -123,12 +123,12 @@ func NewCommandVulnerability() *cobra.Command { } // Make sure subcommand is known - if !preRunTestForSubcommand(command, VALID_SUBCOMMANDS_VULNERABILITY, args[0]) { + if !preRunTestForSubcommand(VALID_SUBCOMMANDS_VULNERABILITY, args[0]) { return getLogger().Errorf("Subcommand provided is not valid: `%v`", args[0]) } // Test for required flags (parameters) - err = preRunTestForInputFile(cmd, args) + err = preRunTestForInputFile(args) return } @@ -162,7 +162,6 @@ func vulnerabilityCmdImpl(cmd *cobra.Command, args []string) (err error) { } err = ListVulnerabilities(writer, utils.GlobalFlags.PersistentFlags, utils.GlobalFlags.VulnerabilityFlags, whereFilters) - return } @@ -182,7 +181,6 @@ func sortVulnerabilities(entries []multimap.Entry) { if vuln1.Id != vuln2.Id { return vuln1.Id > vuln2.Id } - return vuln1.Created > vuln2.Created }) } @@ -219,20 +217,19 @@ func ListVulnerabilities(writer io.Writer, persistentFlags utils.PersistentComma getLogger().Infof("Outputting listing (`%s` format)...", format) switch format { case FORMAT_TEXT: - DisplayVulnListText(document, writer, flags) + err = DisplayVulnListText(document, writer, flags) case FORMAT_CSV: err = DisplayVulnListCSV(document, writer, flags) case FORMAT_MARKDOWN: err = DisplayVulnListMarkdown(document, writer, flags) case FORMAT_JSON: - DisplayVulnListJson(document, writer, flags) + err = DisplayVulnListJson(document, writer, flags) default: // Default to Text output for anything else (set as flag default) getLogger().Warningf("Listing not supported for `%s` format; defaulting to `%s` format...", format, FORMAT_JSON) - DisplayVulnListText(document, writer, flags) + err = DisplayVulnListText(document, writer, flags) } - return } @@ -372,15 +369,13 @@ func DisplayVulnListMarkdown(bom *schema.BOM, writer io.Writer, flags utils.Vuln getLogger().Enter() defer getLogger().Exit() - // Create title row data as []string + // Create title row data as []string, include columns depending on value of Summary flag. titles, _ := prepareReportTitleData(VULNERABILITY_LIST_ROW_DATA, flags.Summary) - - // create title row titleRow := createMarkdownRow(titles) fmt.Fprintf(writer, "%s\n", titleRow) - // create alignment row - alignments := createMarkdownColumnAlignment(titles) + // create alignment row, include columns depending on value of Summary flag. + alignments := createMarkdownColumnAlignmentRow(VULNERABILITY_LIST_ROW_DATA, flags.Summary) alignmentRow := createMarkdownRow(alignments) fmt.Fprintf(writer, "%s\n", alignmentRow) @@ -416,7 +411,7 @@ func DisplayVulnListMarkdown(bom *schema.BOM, writer io.Writer, flags utils.Vuln } // Output filtered list of vulnerabilities as JSON -func DisplayVulnListJson(bom *schema.BOM, writer io.Writer, flags utils.VulnerabilityCommandFlags) { +func DisplayVulnListJson(bom *schema.BOM, writer io.Writer, flags utils.VulnerabilityCommandFlags) (err error) { getLogger().Enter() defer getLogger().Exit() @@ -434,5 +429,6 @@ func DisplayVulnListJson(bom *schema.BOM, writer io.Writer, flags utils.Vulnerab // Note: JSON data files MUST ends in a newline as this is a POSIX standard // which is already accounted for by the JSON encoder. - utils.WriteAnyAsEncodedJSONInt(writer, vulnList, utils.GlobalFlags.PersistentFlags.GetOutputIndentInt()) + _, err = utils.WriteAnyAsEncodedJSONInt(writer, vulnList, utils.GlobalFlags.PersistentFlags.GetOutputIndentInt()) + return } diff --git a/docs/spdx-licenses-3-20-delta.json b/docs/spdx-licenses-3-20-delta.json deleted file mode 100644 index aa3db4d6..00000000 --- a/docs/spdx-licenses-3-20-delta.json +++ /dev/null @@ -1,4144 +0,0 @@ -{ - "licenseListVersion": "4fe3e61", - "licenses": [ - { - "reference": "https://spdx.org/licenses/AAL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AAL.json", - "referenceNumber": 29, - "name": "Attribution Assurance License", - "licenseId": "AAL", - "seeAlso": [ - "https://opensource.org/licenses/attribution" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Abstyles.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Abstyles.json", - "referenceNumber": 224, - "name": "Abstyles License", - "licenseId": "Abstyles", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Abstyles" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AdaCore-doc.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AdaCore-doc.json", - "referenceNumber": 370, - "name": "AdaCore Doc License", - "licenseId": "AdaCore-doc", - "seeAlso": [ - "https://github.com/AdaCore/xmlada/blob/master/docs/index.rst", - "https://github.com/AdaCore/gnatcoll-core/blob/master/docs/index.rst", - "https://github.com/AdaCore/gnatcoll-db/blob/master/docs/index.rst" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Adobe-Glyph.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Adobe-Glyph.json", - "referenceNumber": 376, - "name": "Adobe Glyph List License", - "licenseId": "Adobe-Glyph", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MIT#AdobeGlyph" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Afmparse.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Afmparse.json", - "referenceNumber": 461, - "name": "Afmparse License", - "licenseId": "Afmparse", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Afmparse" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Aladdin.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Aladdin.json", - "referenceNumber": 196, - "name": "Aladdin Free Public License", - "licenseId": "Aladdin", - "seeAlso": [ - "http://pages.cs.wisc.edu/~ghost/doc/AFPL/6.01/Public.htm" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/AMDPLPA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AMDPLPA.json", - "referenceNumber": 155, - "name": "AMD\u0027s plpa_map.c License", - "licenseId": "AMDPLPA", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/AMD_plpa_map_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AML.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AML.json", - "referenceNumber": 415, - "name": "Apple MIT License", - "licenseId": "AML", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Apple_MIT_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AMPAS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AMPAS.json", - "referenceNumber": 12, - "name": "Academy of Motion Picture Arts and Sciences BSD", - "licenseId": "AMPAS", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/BSD#AMPASBSD" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ANTLR-PD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ANTLR-PD.json", - "referenceNumber": 408, - "name": "ANTLR Software Rights Notice", - "licenseId": "ANTLR-PD", - "seeAlso": [ - "http://www.antlr2.org/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ANTLR-PD-fallback.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ANTLR-PD-fallback.json", - "referenceNumber": 300, - "name": "ANTLR Software Rights Notice with license fallback", - "licenseId": "ANTLR-PD-fallback", - "seeAlso": [ - "http://www.antlr2.org/license.html" - ], - "isOsiApproved": false - }, - - { - "reference": "https://spdx.org/licenses/Apache-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Apache-1.1.json", - "referenceNumber": 495, - "name": "Apache License 1.1", - "licenseId": "Apache-1.1", - "seeAlso": [ - "http://apache.org/licenses/LICENSE-1.1", - "https://opensource.org/licenses/Apache-1.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/APAFML.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/APAFML.json", - "referenceNumber": 441, - "name": "Adobe Postscript AFM License", - "licenseId": "APAFML", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/AdobePostscriptAFM" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/APL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/APL-1.0.json", - "referenceNumber": 349, - "name": "Adaptive Public License 1.0", - "licenseId": "APL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/APL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/App-s2p.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/App-s2p.json", - "referenceNumber": 38, - "name": "App::s2p License", - "licenseId": "App-s2p", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/App-s2p" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Arphic-1999.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Arphic-1999.json", - "referenceNumber": 274, - "name": "Arphic Public License", - "licenseId": "Arphic-1999", - "seeAlso": [ - "http://ftp.gnu.org/gnu/non-gnu/chinese-fonts-truetype/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ASWF-Digital-Assets-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ASWF-Digital-Assets-1.0.json", - "referenceNumber": 43, - "name": "ASWF Digital Assets License version 1.0", - "licenseId": "ASWF-Digital-Assets-1.0", - "seeAlso": [ - "https://github.com/AcademySoftwareFoundation/foundation/blob/main/digital_assets/aswf_digital_assets_license_v1.0.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Baekmuk.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Baekmuk.json", - "referenceNumber": 6, - "name": "Baekmuk License", - "licenseId": "Baekmuk", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:Baekmuk?rd\u003dLicensing/Baekmuk" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Bahyph.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Bahyph.json", - "referenceNumber": 103, - "name": "Bahyph License", - "licenseId": "Bahyph", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Bahyph" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Barr.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Barr.json", - "referenceNumber": 92, - "name": "Barr License", - "licenseId": "Barr", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Barr" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Bitstream-Charter.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Bitstream-Charter.json", - "referenceNumber": 213, - "name": "Bitstream Charter Font License", - "licenseId": "Bitstream-Charter", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Charter#License_Text", - "https://raw.githubusercontent.com/blackhole89/notekit/master/data/fonts/Charter%20license.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Bitstream-Vera.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Bitstream-Vera.json", - "referenceNumber": 323, - "name": "Bitstream Vera Font License", - "licenseId": "Bitstream-Vera", - "seeAlso": [ - "https://web.archive.org/web/20080207013128/http://www.gnome.org/fonts/", - "https://docubrain.com/sites/default/files/licenses/bitstream-vera.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BitTorrent-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BitTorrent-1.0.json", - "referenceNumber": 133, - "name": "BitTorrent Open Source License v1.0", - "licenseId": "BitTorrent-1.0", - "seeAlso": [ - "http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/licenses/BitTorrent?r1\u003d1.1\u0026r2\u003d1.1.1.1\u0026diff_format\u003ds" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BitTorrent-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BitTorrent-1.1.json", - "referenceNumber": 86, - "name": "BitTorrent Open Source License v1.1", - "licenseId": "BitTorrent-1.1", - "seeAlso": [ - "http://directory.fsf.org/wiki/License:BitTorrentOSL1.1" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/blessing.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/blessing.json", - "referenceNumber": 413, - "name": "SQLite Blessing", - "licenseId": "blessing", - "seeAlso": [ - "https://www.sqlite.org/src/artifact/e33a4df7e32d742a?ln\u003d4-9", - "https://sqlite.org/src/artifact/df5091916dbb40e6" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BlueOak-1.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BlueOak-1.0.0.json", - "referenceNumber": 490, - "name": "Blue Oak Model License 1.0.0", - "licenseId": "BlueOak-1.0.0", - "seeAlso": [ - "https://blueoakcouncil.org/license/1.0.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Borceux.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Borceux.json", - "referenceNumber": 127, - "name": "Borceux license", - "licenseId": "Borceux", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Borceux" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Brian-Gladman-3-Clause.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Brian-Gladman-3-Clause.json", - "referenceNumber": 109, - "name": "Brian Gladman 3-Clause License", - "licenseId": "Brian-Gladman-3-Clause", - "seeAlso": [ - "https://github.com/SWI-Prolog/packages-clib/blob/master/sha1/brg_endian.h" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-LBNL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-LBNL.json", - "referenceNumber": 498, - "name": "Lawrence Berkeley National Labs BSD variant license", - "licenseId": "BSD-3-Clause-LBNL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/LBNLBSD" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-Modification.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-Modification.json", - "referenceNumber": 493, - "name": "BSD 3-Clause Modification", - "licenseId": "BSD-3-Clause-Modification", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:BSD#Modification_Variant" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BUSL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BUSL-1.1.json", - "referenceNumber": 229, - "name": "Business Source License 1.1", - "licenseId": "BUSL-1.1", - "seeAlso": [ - "https://mariadb.com/bsl11/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/bzip2-1.0.5.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/bzip2-1.0.5.json", - "referenceNumber": 0, - "name": "bzip2 and libbzip2 License v1.0.5", - "licenseId": "bzip2-1.0.5", - "seeAlso": [ - "https://sourceware.org/bzip2/1.0.5/bzip2-manual-1.0.5.html", - "http://bzip.org/1.0.5/bzip2-manual-1.0.5.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/C-UDA-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/C-UDA-1.0.json", - "referenceNumber": 543, - "name": "Computational Use of Data Agreement v1.0", - "licenseId": "C-UDA-1.0", - "seeAlso": [ - "https://github.com/microsoft/Computational-Use-of-Data-Agreement/blob/master/C-UDA-1.0.md", - "https://cdla.dev/computational-use-of-data-agreement-v1-0/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CAL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CAL-1.0.json", - "referenceNumber": 551, - "name": "Cryptographic Autonomy License 1.0", - "licenseId": "CAL-1.0", - "seeAlso": [ - "http://cryptographicautonomylicense.com/license-text.html", - "https://opensource.org/licenses/CAL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CAL-1.0-Combined-Work-Exception.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CAL-1.0-Combined-Work-Exception.json", - "referenceNumber": 149, - "name": "Cryptographic Autonomy License 1.0 (Combined Work Exception)", - "licenseId": "CAL-1.0-Combined-Work-Exception", - "seeAlso": [ - "http://cryptographicautonomylicense.com/license-text.html", - "https://opensource.org/licenses/CAL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Caldera.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Caldera.json", - "referenceNumber": 188, - "name": "Caldera License", - "licenseId": "Caldera", - "seeAlso": [ - "http://www.lemis.com/grog/UNIX/ancient-source-all.pdf" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CATOSL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CATOSL-1.1.json", - "referenceNumber": 148, - "name": "Computer Associates Trusted Open Source License 1.1", - "licenseId": "CATOSL-1.1", - "seeAlso": [ - "https://opensource.org/licenses/CATOSL-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CDL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CDL-1.0.json", - "referenceNumber": 202, - "name": "Common Documentation License 1.0", - "licenseId": "CDL-1.0", - "seeAlso": [ - "http://www.opensource.apple.com/cdl/", - "https://fedoraproject.org/wiki/Licensing/Common_Documentation_License", - "https://www.gnu.org/licenses/license-list.html#ACDL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CECILL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-1.0.json", - "referenceNumber": 136, - "name": "CeCILL Free Software License Agreement v1.0", - "licenseId": "CECILL-1.0", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL_V1-fr.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CECILL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-1.1.json", - "referenceNumber": 358, - "name": "CeCILL Free Software License Agreement v1.1", - "licenseId": "CECILL-1.1", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL_V1.1-US.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CECILL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-2.0.json", - "referenceNumber": 75, - "name": "CeCILL Free Software License Agreement v2.0", - "licenseId": "CECILL-2.0", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL_V2-en.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CECILL-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-2.1.json", - "referenceNumber": 245, - "name": "CeCILL Free Software License Agreement v2.1", - "licenseId": "CECILL-2.1", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL_V2.1-en.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CECILL-B.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-B.json", - "referenceNumber": 98, - "name": "CeCILL-B Free Software License Agreement", - "licenseId": "CECILL-B", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CECILL-C.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-C.json", - "referenceNumber": 223, - "name": "CeCILL-C Free Software License Agreement", - "licenseId": "CECILL-C", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL-C_V1-en.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-1.1.json", - "referenceNumber": 24, - "name": "CERN Open Hardware Licence v1.1", - "licenseId": "CERN-OHL-1.1", - "seeAlso": [ - "https://www.ohwr.org/project/licenses/wikis/cern-ohl-v1.1" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-1.2.json", - "referenceNumber": 500, - "name": "CERN Open Hardware Licence v1.2", - "licenseId": "CERN-OHL-1.2", - "seeAlso": [ - "https://www.ohwr.org/project/licenses/wikis/cern-ohl-v1.2" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-P-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-P-2.0.json", - "referenceNumber": 206, - "name": "CERN Open Hardware Licence Version 2 - Permissive", - "licenseId": "CERN-OHL-P-2.0", - "seeAlso": [ - "https://www.ohwr.org/project/cernohl/wikis/Documents/CERN-OHL-version-2" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-S-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-S-2.0.json", - "referenceNumber": 367, - "name": "CERN Open Hardware Licence Version 2 - Strongly Reciprocal", - "licenseId": "CERN-OHL-S-2.0", - "seeAlso": [ - "https://www.ohwr.org/project/cernohl/wikis/Documents/CERN-OHL-version-2" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-W-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-W-2.0.json", - "referenceNumber": 226, - "name": "CERN Open Hardware Licence Version 2 - Weakly Reciprocal", - "licenseId": "CERN-OHL-W-2.0", - "seeAlso": [ - "https://www.ohwr.org/project/cernohl/wikis/Documents/CERN-OHL-version-2" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CFITSIO.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CFITSIO.json", - "referenceNumber": 418, - "name": "CFITSIO License", - "licenseId": "CFITSIO", - "seeAlso": [ - "https://heasarc.gsfc.nasa.gov/docs/software/fitsio/c/f_user/node9.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/checkmk.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/checkmk.json", - "referenceNumber": 167, - "name": "Checkmk License", - "licenseId": "checkmk", - "seeAlso": [ - "https://github.com/libcheck/check/blob/master/checkmk/checkmk.in" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Clips.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Clips.json", - "referenceNumber": 258, - "name": "Clips License", - "licenseId": "Clips", - "seeAlso": [ - "https://github.com/DrItanium/maya/blob/master/LICENSE.CLIPS" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CMU-Mach.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CMU-Mach.json", - "referenceNumber": 385, - "name": "CMU Mach License", - "licenseId": "CMU-Mach", - "seeAlso": [ - "https://www.cs.cmu.edu/~410/licenses.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CNRI-Jython.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CNRI-Jython.json", - "referenceNumber": 485, - "name": "CNRI Jython License", - "licenseId": "CNRI-Jython", - "seeAlso": [ - "http://www.jython.org/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CNRI-Python.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CNRI-Python.json", - "referenceNumber": 251, - "name": "CNRI Python License", - "licenseId": "CNRI-Python", - "seeAlso": [ - "https://opensource.org/licenses/CNRI-Python" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CNRI-Python-GPL-Compatible.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CNRI-Python-GPL-Compatible.json", - "referenceNumber": 237, - "name": "CNRI Python Open Source GPL Compatible License Agreement", - "licenseId": "CNRI-Python-GPL-Compatible", - "seeAlso": [ - "http://www.python.org/download/releases/1.6.1/download_win/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/COIL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/COIL-1.0.json", - "referenceNumber": 307, - "name": "Copyfree Open Innovation License", - "licenseId": "COIL-1.0", - "seeAlso": [ - "https://coil.apotheon.org/plaintext/01.0.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Community-Spec-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Community-Spec-1.0.json", - "referenceNumber": 192, - "name": "Community Specification License 1.0", - "licenseId": "Community-Spec-1.0", - "seeAlso": [ - "https://github.com/CommunitySpecification/1.0/blob/master/1._Community_Specification_License-v1.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Condor-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Condor-1.1.json", - "referenceNumber": 116, - "name": "Condor Public License v1.1", - "licenseId": "Condor-1.1", - "seeAlso": [ - "http://research.cs.wisc.edu/condor/license.html#condor", - "http://web.archive.org/web/20111123062036/http://research.cs.wisc.edu/condor/license.html#condor" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/copyleft-next-0.3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/copyleft-next-0.3.0.json", - "referenceNumber": 483, - "name": "copyleft-next 0.3.0", - "licenseId": "copyleft-next-0.3.0", - "seeAlso": [ - "https://github.com/copyleft-next/copyleft-next/blob/master/Releases/copyleft-next-0.3.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/copyleft-next-0.3.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/copyleft-next-0.3.1.json", - "referenceNumber": 150, - "name": "copyleft-next 0.3.1", - "licenseId": "copyleft-next-0.3.1", - "seeAlso": [ - "https://github.com/copyleft-next/copyleft-next/blob/master/Releases/copyleft-next-0.3.1" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Cornell-Lossless-JPEG.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Cornell-Lossless-JPEG.json", - "referenceNumber": 147, - "name": "Cornell Lossless JPEG License", - "licenseId": "Cornell-Lossless-JPEG", - "seeAlso": [ - "https://android.googlesource.com/platform/external/dng_sdk/+/refs/heads/master/source/dng_lossless_jpeg.cpp#16", - "https://www.mssl.ucl.ac.uk/~mcrw/src/20050920/proto.h", - "https://gitlab.freedesktop.org/libopenraw/libopenraw/blob/master/lib/ljpegdecompressor.cpp#L32" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CPAL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CPAL-1.0.json", - "referenceNumber": 238, - "name": "Common Public Attribution License 1.0", - "licenseId": "CPAL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/CPAL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Crossword.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Crossword.json", - "referenceNumber": 393, - "name": "Crossword License", - "licenseId": "Crossword", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Crossword" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/cryptsetup-OpenSSL-exception.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/cryptsetup-OpenSSL-exception.json", - "referenceNumber": 542, - "name": "cryptsetup OpenSSL exception", - "licenseId": "cryptsetup-OpenSSL-exception", - "seeAlso": [ - "https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/COPYING", - "https://gitlab.nic.cz/datovka/datovka/-/blob/develop/COPYING", - "https://github.com/nbs-system/naxsi/blob/951123ad456bdf5ac94e8d8819342fe3d49bc002/naxsi_src/naxsi_raw.c", - "http://web.mit.edu/jgross/arch/amd64_deb60/bin/mosh" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CrystalStacker.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CrystalStacker.json", - "referenceNumber": 383, - "name": "CrystalStacker License", - "licenseId": "CrystalStacker", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:CrystalStacker?rd\u003dLicensing/CrystalStacker" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CUA-OPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CUA-OPL-1.0.json", - "referenceNumber": 90, - "name": "CUA Office Public License v1.0", - "licenseId": "CUA-OPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/CUA-OPL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Cube.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Cube.json", - "referenceNumber": 157, - "name": "Cube License", - "licenseId": "Cube", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Cube" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/D-FSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/D-FSL-1.0.json", - "referenceNumber": 121, - "name": "Deutsche Freie Software Lizenz", - "licenseId": "D-FSL-1.0", - "seeAlso": [ - "http://www.dipp.nrw.de/d-fsl/lizenzen/", - "http://www.dipp.nrw.de/d-fsl/index_html/lizenzen/de/D-FSL-1_0_de.txt", - "http://www.dipp.nrw.de/d-fsl/index_html/lizenzen/en/D-FSL-1_0_en.txt", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl/deutsche-freie-software-lizenz", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl/german-free-software-license", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl/D-FSL-1_0_de.txt/at_download/file", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl/D-FSL-1_0_en.txt/at_download/file" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/diffmark.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/diffmark.json", - "referenceNumber": 369, - "name": "diffmark license", - "licenseId": "diffmark", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/diffmark" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/DL-DE-BY-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/DL-DE-BY-2.0.json", - "referenceNumber": 84, - "name": "Data licence Germany – attribution – version 2.0", - "licenseId": "DL-DE-BY-2.0", - "seeAlso": [ - "https://www.govdata.de/dl-de/by-2-0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/DOC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/DOC.json", - "referenceNumber": 243, - "name": "DOC License", - "licenseId": "DOC", - "seeAlso": [ - "http://www.cs.wustl.edu/~schmidt/ACE-copying.html", - "https://www.dre.vanderbilt.edu/~schmidt/ACE-copying.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Dotseqn.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Dotseqn.json", - "referenceNumber": 361, - "name": "Dotseqn License", - "licenseId": "Dotseqn", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Dotseqn" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/DRL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/DRL-1.0.json", - "referenceNumber": 87, - "name": "Detection Rule License 1.0", - "licenseId": "DRL-1.0", - "seeAlso": [ - "https://github.com/Neo23x0/sigma/blob/master/LICENSE.Detection.Rules.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/DSDP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/DSDP.json", - "referenceNumber": 203, - "name": "DSDP License", - "licenseId": "DSDP", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/DSDP" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/dvipdfm.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/dvipdfm.json", - "referenceNumber": 22, - "name": "dvipdfm License", - "licenseId": "dvipdfm", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/dvipdfm" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/eCos-2.0.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/eCos-2.0.json", - "referenceNumber": 8, - "name": "eCos license version 2.0", - "licenseId": "eCos-2.0", - "seeAlso": [ - "https://www.gnu.org/licenses/ecos-license.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/EFL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EFL-1.0.json", - "referenceNumber": 295, - "name": "Eiffel Forum License v1.0", - "licenseId": "EFL-1.0", - "seeAlso": [ - "http://www.eiffel-nice.org/license/forum.txt", - "https://opensource.org/licenses/EFL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/EFL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EFL-2.0.json", - "referenceNumber": 247, - "name": "Eiffel Forum License v2.0", - "licenseId": "EFL-2.0", - "seeAlso": [ - "http://www.eiffel-nice.org/license/eiffel-forum-license-2.html", - "https://opensource.org/licenses/EFL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Entessa.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Entessa.json", - "referenceNumber": 190, - "name": "Entessa Public License v1.0", - "licenseId": "Entessa", - "seeAlso": [ - "https://opensource.org/licenses/Entessa" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/EPICS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EPICS.json", - "referenceNumber": 429, - "name": "EPICS Open License", - "licenseId": "EPICS", - "seeAlso": [ - "https://epics.anl.gov/license/open.php" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/etalab-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/etalab-2.0.json", - "referenceNumber": 186, - "name": "Etalab Open License 2.0", - "licenseId": "etalab-2.0", - "seeAlso": [ - "https://github.com/DISIC/politique-de-contribution-open-source/blob/master/LICENSE.pdf", - "https://raw.githubusercontent.com/DISIC/politique-de-contribution-open-source/master/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/EUDatagrid.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EUDatagrid.json", - "referenceNumber": 366, - "name": "EU DataGrid Software License", - "licenseId": "EUDatagrid", - "seeAlso": [ - "http://eu-datagrid.web.cern.ch/eu-datagrid/license.html", - "https://opensource.org/licenses/EUDatagrid" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Eurosym.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Eurosym.json", - "referenceNumber": 336, - "name": "Eurosym License", - "licenseId": "Eurosym", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Eurosym" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Fair.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Fair.json", - "referenceNumber": 33, - "name": "Fair License", - "licenseId": "Fair", - "seeAlso": [ - "http://fairlicense.org/", - "https://opensource.org/licenses/Fair" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/FDK-AAC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FDK-AAC.json", - "referenceNumber": 347, - "name": "Fraunhofer FDK AAC Codec Library", - "licenseId": "FDK-AAC", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/FDK-AAC", - "https://directory.fsf.org/wiki/License:Fdk" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Frameworx-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Frameworx-1.0.json", - "referenceNumber": 125, - "name": "Frameworx Open License 1.0", - "licenseId": "Frameworx-1.0", - "seeAlso": [ - "https://opensource.org/licenses/Frameworx-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/FreeBSD-DOC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FreeBSD-DOC.json", - "referenceNumber": 416, - "name": "FreeBSD Documentation License", - "licenseId": "FreeBSD-DOC", - "seeAlso": [ - "https://www.freebsd.org/copyright/freebsd-doc-license/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/FreeImage.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FreeImage.json", - "referenceNumber": 219, - "name": "FreeImage Public License v1.0", - "licenseId": "FreeImage", - "seeAlso": [ - "http://freeimage.sourceforge.net/freeimage-license.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/FSFUL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FSFUL.json", - "referenceNumber": 270, - "name": "FSF Unlimited License", - "licenseId": "FSFUL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/FSF_Unlimited_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/FSFULLR.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FSFULLR.json", - "referenceNumber": 524, - "name": "FSF Unlimited License (with License Retention)", - "licenseId": "FSFULLR", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/FSF_Unlimited_License#License_Retention_Variant" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/FSFULLRWD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FSFULLRWD.json", - "referenceNumber": 54, - "name": "FSF Unlimited License (With License Retention and Warranty Disclaimer)", - "licenseId": "FSFULLRWD", - "seeAlso": [ - "https://lists.gnu.org/archive/html/autoconf/2012-04/msg00061.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GD.json", - "referenceNumber": 521, - "name": "GD License", - "licenseId": "GD", - "seeAlso": [ - "https://libgd.github.io/manuals/2.3.0/files/license-txt.html" - ], - "isOsiApproved": false - }, - - { - "reference": "https://spdx.org/licenses/Giftware.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Giftware.json", - "referenceNumber": 511, - "name": "Giftware License", - "licenseId": "Giftware", - "seeAlso": [ - "http://liballeg.org/license.html#allegro-4-the-giftware-license" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GL2PS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GL2PS.json", - "referenceNumber": 212, - "name": "GL2PS License", - "licenseId": "GL2PS", - "seeAlso": [ - "http://www.geuz.org/gl2ps/COPYING.GL2PS" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Glide.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Glide.json", - "referenceNumber": 217, - "name": "3dfx Glide License", - "licenseId": "Glide", - "seeAlso": [ - "http://www.users.on.net/~triforce/glidexp/COPYING.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Glulxe.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Glulxe.json", - "referenceNumber": 537, - "name": "Glulxe License", - "licenseId": "Glulxe", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Glulxe" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GLWTPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GLWTPL.json", - "referenceNumber": 119, - "name": "Good Luck With That Public License", - "licenseId": "GLWTPL", - "seeAlso": [ - "https://github.com/me-shaon/GLWTPL/commit/da5f6bc734095efbacb442c0b31e33a65b9d6e85" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/gnuplot.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/gnuplot.json", - "referenceNumber": 482, - "name": "gnuplot License", - "licenseId": "gnuplot", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Gnuplot" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-1.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-1.0+.json", - "referenceNumber": 288, - "name": "GNU General Public License v1.0 or later", - "licenseId": "GPL-1.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-1.0-standalone.html" - ], - "isOsiApproved": false - }, - - { - "reference": "https://spdx.org/licenses/GPL-2.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0+.json", - "referenceNumber": 16, - "name": "GNU General Public License v2.0 or later", - "licenseId": "GPL-2.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "https://opensource.org/licenses/GPL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-autoconf-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-autoconf-exception.json", - "referenceNumber": 235, - "name": "GNU General Public License v2.0 w/Autoconf exception", - "licenseId": "GPL-2.0-with-autoconf-exception", - "seeAlso": [ - "http://ac-archive.sourceforge.net/doc/copyright.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-bison-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-bison-exception.json", - "referenceNumber": 134, - "name": "GNU General Public License v2.0 w/Bison exception", - "licenseId": "GPL-2.0-with-bison-exception", - "seeAlso": [ - "http://git.savannah.gnu.org/cgit/bison.git/tree/data/yacc.c?id\u003d193d7c7054ba7197b0789e14965b739162319b5e#n141" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-classpath-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-classpath-exception.json", - "referenceNumber": 519, - "name": "GNU General Public License v2.0 w/Classpath exception", - "licenseId": "GPL-2.0-with-classpath-exception", - "seeAlso": [ - "https://www.gnu.org/software/classpath/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-font-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-font-exception.json", - "referenceNumber": 265, - "name": "GNU General Public License v2.0 w/Font exception", - "licenseId": "GPL-2.0-with-font-exception", - "seeAlso": [ - "https://www.gnu.org/licenses/gpl-faq.html#FontException" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-GCC-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-GCC-exception.json", - "referenceNumber": 99, - "name": "GNU General Public License v2.0 w/GCC Runtime Library exception", - "licenseId": "GPL-2.0-with-GCC-exception", - "seeAlso": [ - "https://gcc.gnu.org/git/?p\u003dgcc.git;a\u003dblob;f\u003dgcc/libgcc1.c;h\u003d762f5143fc6eed57b6797c82710f3538aa52b40b;hb\u003dcb143a3ce4fb417c68f5fa2691a1b1b1053dfba9#l10" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-3.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-3.0+.json", - "referenceNumber": 220, - "name": "GNU General Public License v3.0 or later", - "licenseId": "GPL-3.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/gpl-3.0-standalone.html", - "https://opensource.org/licenses/GPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-3.0-with-autoconf-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-3.0-with-autoconf-exception.json", - "referenceNumber": 107, - "name": "GNU General Public License v3.0 w/Autoconf exception", - "licenseId": "GPL-3.0-with-autoconf-exception", - "seeAlso": [ - "https://www.gnu.org/licenses/autoconf-exception-3.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Graphics-Gems.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Graphics-Gems.json", - "referenceNumber": 486, - "name": "Graphics Gems License", - "licenseId": "Graphics-Gems", - "seeAlso": [ - "https://github.com/erich666/GraphicsGems/blob/master/LICENSE.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/gSOAP-1.3b.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/gSOAP-1.3b.json", - "referenceNumber": 546, - "name": "gSOAP Public License v1.3b", - "licenseId": "gSOAP-1.3b", - "seeAlso": [ - "http://www.cs.fsu.edu/~engelen/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HaskellReport.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HaskellReport.json", - "referenceNumber": 112, - "name": "Haskell Language Report License", - "licenseId": "HaskellReport", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Haskell_Language_Report_License" - ], - "isOsiApproved": false - }, - - { - "reference": "https://spdx.org/licenses/HP-1986.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HP-1986.json", - "referenceNumber": 51, - "name": "Hewlett-Packard 1986 License", - "licenseId": "HP-1986", - "seeAlso": [ - "https://sourceware.org/git/?p\u003dnewlib-cygwin.git;a\u003dblob;f\u003dnewlib/libc/machine/hppa/memchr.S;h\u003d1cca3e5e8867aa4bffef1f75a5c1bba25c0c441e;hb\u003dHEAD#l2" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HPND.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND.json", - "referenceNumber": 108, - "name": "Historical Permission Notice and Disclaimer", - "licenseId": "HPND", - "seeAlso": [ - "https://opensource.org/licenses/HPND" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/HPND-export-US.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND-export-US.json", - "referenceNumber": 70, - "name": "HPND with US Government export control warning", - "licenseId": "HPND-export-US", - "seeAlso": [ - "https://www.kermitproject.org/ck90.html#source" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HPND-Markus-Kuhn.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND-Markus-Kuhn.json", - "referenceNumber": 111, - "name": "Historical Permission Notice and Disclaimer - Markus Kuhn variant", - "licenseId": "HPND-Markus-Kuhn", - "seeAlso": [ - "https://www.cl.cam.ac.uk/~mgk25/ucs/wcwidth.c", - "https://sourceware.org/git/?p\u003dbinutils-gdb.git;a\u003dblob;f\u003dreadline/readline/support/wcwidth.c;h\u003d0f5ec995796f4813abbcf4972aec0378ab74722a;hb\u003dHEAD#l55" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HPND-sell-variant.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND-sell-variant.json", - "referenceNumber": 96, - "name": "Historical Permission Notice and Disclaimer - sell variant", - "licenseId": "HPND-sell-variant", - "seeAlso": [ - "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/sunrpc/auth_gss/gss_generic_token.c?h\u003dv4.19" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HPND-sell-variant-MIT-disclaimer.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND-sell-variant-MIT-disclaimer.json", - "referenceNumber": 470, - "name": "HPND sell variant with MIT disclaimer", - "licenseId": "HPND-sell-variant-MIT-disclaimer", - "seeAlso": [ - "https://github.com/sigmavirus24/x11-ssh-askpass/blob/master/README" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HTMLTIDY.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HTMLTIDY.json", - "referenceNumber": 433, - "name": "HTML Tidy License", - "licenseId": "HTMLTIDY", - "seeAlso": [ - "https://github.com/htacg/tidy-html5/blob/next/README/LICENSE.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/IBM-pibs.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IBM-pibs.json", - "referenceNumber": 52, - "name": "IBM PowerPC Initialization and Boot Software", - "licenseId": "IBM-pibs", - "seeAlso": [ - "http://git.denx.de/?p\u003du-boot.git;a\u003dblob;f\u003darch/powerpc/cpu/ppc4xx/miiphy.c;h\u003d297155fdafa064b955e53e9832de93bfb0cfb85b;hb\u003d9fab4bf4cc077c21e43941866f3f2c196f28670d" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ICU.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ICU.json", - "referenceNumber": 457, - "name": "ICU License", - "licenseId": "ICU", - "seeAlso": [ - "http://source.icu-project.org/repos/icu/icu/trunk/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/IEC-Code-Components-EULA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IEC-Code-Components-EULA.json", - "referenceNumber": 101, - "name": "IEC Code Components End-user licence agreement", - "licenseId": "IEC-Code-Components-EULA", - "seeAlso": [ - "https://www.iec.ch/webstore/custserv/pdf/CC-EULA.pdf", - "https://www.iec.ch/CCv1", - "https://www.iec.ch/copyright" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/IJG-short.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IJG-short.json", - "referenceNumber": 83, - "name": "Independent JPEG Group License - short", - "licenseId": "IJG-short", - "seeAlso": [ - "https://sourceforge.net/p/xmedcon/code/ci/master/tree/libs/ljpg/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ImageMagick.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ImageMagick.json", - "referenceNumber": 267, - "name": "ImageMagick License", - "licenseId": "ImageMagick", - "seeAlso": [ - "http://www.imagemagick.org/script/license.php" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/iMatix.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/iMatix.json", - "referenceNumber": 225, - "name": "iMatix Standard Function Library Agreement", - "licenseId": "iMatix", - "seeAlso": [ - "http://legacy.imatix.com/html/sfl/sfl4.htm#license" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Imlib2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Imlib2.json", - "referenceNumber": 131, - "name": "Imlib2 License", - "licenseId": "Imlib2", - "seeAlso": [ - "http://trac.enlightenment.org/e/browser/trunk/imlib2/COPYING", - "https://git.enlightenment.org/legacy/imlib2.git/tree/COPYING" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Info-ZIP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Info-ZIP.json", - "referenceNumber": 278, - "name": "Info-ZIP License", - "licenseId": "Info-ZIP", - "seeAlso": [ - "http://www.info-zip.org/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Intel.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Intel.json", - "referenceNumber": 303, - "name": "Intel Open Source License", - "licenseId": "Intel", - "seeAlso": [ - "https://opensource.org/licenses/Intel" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Intel-ACPI.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Intel-ACPI.json", - "referenceNumber": 472, - "name": "Intel ACPI Software License Agreement", - "licenseId": "Intel-ACPI", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Intel_ACPI_Software_License_Agreement" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Interbase-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Interbase-1.0.json", - "referenceNumber": 548, - "name": "Interbase Public License v1.0", - "licenseId": "Interbase-1.0", - "seeAlso": [ - "https://web.archive.org/web/20060319014854/http://info.borland.com/devsupport/interbase/opensource/IPL.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/IPA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IPA.json", - "referenceNumber": 50, - "name": "IPA Font License", - "licenseId": "IPA", - "seeAlso": [ - "https://opensource.org/licenses/IPA" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/IPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IPL-1.0.json", - "referenceNumber": 53, - "name": "IBM Public License v1.0", - "licenseId": "IPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/IPL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Jam.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Jam.json", - "referenceNumber": 515, - "name": "Jam License", - "licenseId": "Jam", - "seeAlso": [ - "https://www.boost.org/doc/libs/1_35_0/doc/html/jam.html", - "https://web.archive.org/web/20160330173339/https://swarm.workshop.perforce.com/files/guest/perforce_software/jam/src/README" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/JasPer-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/JasPer-2.0.json", - "referenceNumber": 182, - "name": "JasPer License", - "licenseId": "JasPer-2.0", - "seeAlso": [ - "http://www.ece.uvic.ca/~mdadams/jasper/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/JPL-image.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/JPL-image.json", - "referenceNumber": 332, - "name": "JPL Image Use Policy", - "licenseId": "JPL-image", - "seeAlso": [ - "https://www.jpl.nasa.gov/jpl-image-use-policy" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/JPNIC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/JPNIC.json", - "referenceNumber": 19, - "name": "Japan Network Information Center License", - "licenseId": "JPNIC", - "seeAlso": [ - "https://gitlab.isc.org/isc-projects/bind9/blob/master/COPYRIGHT#L366" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Kazlib.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Kazlib.json", - "referenceNumber": 100, - "name": "Kazlib License", - "licenseId": "Kazlib", - "seeAlso": [ - "http://git.savannah.gnu.org/cgit/kazlib.git/tree/except.c?id\u003d0062df360c2d17d57f6af19b0e444c51feb99036" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Knuth-CTAN.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Knuth-CTAN.json", - "referenceNumber": 417, - "name": "Knuth CTAN License", - "licenseId": "Knuth-CTAN", - "seeAlso": [ - "https://ctan.org/license/knuth" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LAL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LAL-1.2.json", - "referenceNumber": 138, - "name": "Licence Art Libre 1.2", - "licenseId": "LAL-1.2", - "seeAlso": [ - "http://artlibre.org/licence/lal/licence-art-libre-12/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LAL-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LAL-1.3.json", - "referenceNumber": 365, - "name": "Licence Art Libre 1.3", - "licenseId": "LAL-1.3", - "seeAlso": [ - "https://artlibre.org/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Latex2e.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Latex2e.json", - "referenceNumber": 228, - "name": "Latex2e License", - "licenseId": "Latex2e", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Latex2e" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Latex2e-translated-notice.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Latex2e-translated-notice.json", - "referenceNumber": 47, - "name": "Latex2e with translated notice permission", - "licenseId": "Latex2e-translated-notice", - "seeAlso": [ - "https://git.savannah.gnu.org/cgit/indent.git/tree/doc/indent.texi?id\u003da74c6b4ee49397cf330b333da1042bffa60ed14f#n74" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Leptonica.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Leptonica.json", - "referenceNumber": 341, - "name": "Leptonica License", - "licenseId": "Leptonica", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Leptonica" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.0+.json", - "referenceNumber": 320, - "name": "GNU Library General Public License v2 or later", - "licenseId": "LGPL-2.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.1+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.1+.json", - "referenceNumber": 273, - "name": "GNU Lesser General Public License v2.1 or later", - "licenseId": "LGPL-2.1+", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "https://opensource.org/licenses/LGPL-2.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-3.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/LGPL-3.0+.json", - "referenceNumber": 292, - "name": "GNU Lesser General Public License v3.0 or later", - "licenseId": "LGPL-3.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "https://www.gnu.org/licenses/lgpl+gpl-3.0.txt", - "https://opensource.org/licenses/LGPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPLLR.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LGPLLR.json", - "referenceNumber": 544, - "name": "Lesser General Public License For Linguistic Resources", - "licenseId": "LGPLLR", - "seeAlso": [ - "http://www-igm.univ-mlv.fr/~unitex/lgpllr.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Libpng.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Libpng.json", - "referenceNumber": 346, - "name": "libpng License", - "licenseId": "Libpng", - "seeAlso": [ - "http://www.libpng.org/pub/png/src/libpng-LICENSE.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libpng-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libpng-2.0.json", - "referenceNumber": 183, - "name": "PNG Reference Library version 2", - "licenseId": "libpng-2.0", - "seeAlso": [ - "http://www.libpng.org/pub/png/src/libpng-LICENSE.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libpri-OpenH323-exception.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libpri-OpenH323-exception.json", - "referenceNumber": 117, - "name": "libpri OpenH323 exception", - "licenseId": "libpri-OpenH323-exception", - "seeAlso": [ - "https://github.com/asterisk/libpri/blob/1.6.0/README#L19-L22" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libselinux-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libselinux-1.0.json", - "referenceNumber": 49, - "name": "libselinux public domain notice", - "licenseId": "libselinux-1.0", - "seeAlso": [ - "https://github.com/SELinuxProject/selinux/blob/master/libselinux/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libtiff.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libtiff.json", - "referenceNumber": 115, - "name": "libtiff License", - "licenseId": "libtiff", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/libtiff" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libutil-David-Nugent.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libutil-David-Nugent.json", - "referenceNumber": 66, - "name": "libutil David Nugent License", - "licenseId": "libutil-David-Nugent", - "seeAlso": [ - "http://web.mit.edu/freebsd/head/lib/libutil/login_ok.3", - "https://cgit.freedesktop.org/libbsd/tree/man/setproctitle.3bsd" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LiLiQ-P-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LiLiQ-P-1.1.json", - "referenceNumber": 48, - "name": "Licence Libre du Québec – Permissive version 1.1", - "licenseId": "LiLiQ-P-1.1", - "seeAlso": [ - "https://forge.gouv.qc.ca/licence/fr/liliq-v1-1/", - "http://opensource.org/licenses/LiLiQ-P-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LiLiQ-R-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LiLiQ-R-1.1.json", - "referenceNumber": 344, - "name": "Licence Libre du Québec – Réciprocité version 1.1", - "licenseId": "LiLiQ-R-1.1", - "seeAlso": [ - "https://www.forge.gouv.qc.ca/participez/licence-logicielle/licence-libre-du-quebec-liliq-en-francais/licence-libre-du-quebec-reciprocite-liliq-r-v1-1/", - "http://opensource.org/licenses/LiLiQ-R-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LiLiQ-Rplus-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LiLiQ-Rplus-1.1.json", - "referenceNumber": 244, - "name": "Licence Libre du Québec – Réciprocité forte version 1.1", - "licenseId": "LiLiQ-Rplus-1.1", - "seeAlso": [ - "https://www.forge.gouv.qc.ca/participez/licence-logicielle/licence-libre-du-quebec-liliq-en-francais/licence-libre-du-quebec-reciprocite-forte-liliq-r-v1-1/", - "http://opensource.org/licenses/LiLiQ-Rplus-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Linux-man-pages-copyleft.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Linux-man-pages-copyleft.json", - "referenceNumber": 354, - "name": "Linux man-pages Copyleft", - "licenseId": "Linux-man-pages-copyleft", - "seeAlso": [ - "https://www.kernel.org/doc/man-pages/licenses.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Linux-man-pages-one-para.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Linux-man-pages-one-para.json", - "referenceNumber": 130, - "name": "Linux man-pages One Paragraph", - "licenseId": "Linux-man-pages-one-para", - "seeAlso": [ - "https://github.com/mkerrisk/man-pages/blob/master/man2/getcpu.2#L4-L7" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Linux-OpenIB.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Linux-OpenIB.json", - "referenceNumber": 333, - "name": "Linux Kernel Variant of OpenIB.org license", - "licenseId": "Linux-OpenIB", - "seeAlso": [ - "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/infiniband/core/sa.h" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LOOP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LOOP.json", - "referenceNumber": 423, - "name": "Common Lisp LOOP License", - "licenseId": "LOOP", - "seeAlso": [ - "https://gitlab.com/embeddable-common-lisp/ecl/-/blob/develop/src/lsp/loop.lsp", - "http://git.savannah.gnu.org/cgit/gcl.git/tree/gcl/lsp/gcl_loop.lsp?h\u003dVersion_2_6_13pre", - "https://sourceforge.net/p/sbcl/sbcl/ci/master/tree/src/code/loop.lisp", - "https://github.com/cl-adams/adams/blob/master/LICENSE.md", - "https://github.com/blakemcbride/eclipse-lisp/blob/master/lisp/loop.lisp", - "https://gitlab.common-lisp.net/cmucl/cmucl/-/blob/master/src/code/loop.lisp" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPL-1.0.json", - "referenceNumber": 308, - "name": "Lucent Public License Version 1.0", - "licenseId": "LPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/LPL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LPL-1.02.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPL-1.02.json", - "referenceNumber": 110, - "name": "Lucent Public License v1.02", - "licenseId": "LPL-1.02", - "seeAlso": [ - "http://plan9.bell-labs.com/plan9/license.html", - "https://opensource.org/licenses/LPL-1.02" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.0.json", - "referenceNumber": 481, - "name": "LaTeX Project Public License v1.0", - "licenseId": "LPPL-1.0", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-0.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.1.json", - "referenceNumber": 160, - "name": "LaTeX Project Public License v1.1", - "licenseId": "LPPL-1.1", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-1.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.2.json", - "referenceNumber": 175, - "name": "LaTeX Project Public License v1.2", - "licenseId": "LPPL-1.2", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-2.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.3a.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.3a.json", - "referenceNumber": 451, - "name": "LaTeX Project Public License v1.3a", - "licenseId": "LPPL-1.3a", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-3a.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.3c.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.3c.json", - "referenceNumber": 89, - "name": "LaTeX Project Public License v1.3c", - "licenseId": "LPPL-1.3c", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-3c.txt", - "https://opensource.org/licenses/LPPL-1.3c" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LZMA-SDK-9.11-to-9.20.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LZMA-SDK-9.11-to-9.20.json", - "referenceNumber": 268, - "name": "LZMA SDK License (versions 9.11 to 9.20)", - "licenseId": "LZMA-SDK-9.11-to-9.20", - "seeAlso": [ - "https://www.7-zip.org/sdk.html", - "https://sourceforge.net/projects/sevenzip/files/LZMA%20SDK/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LZMA-SDK-9.22.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LZMA-SDK-9.22.json", - "referenceNumber": 334, - "name": "LZMA SDK License (versions 9.22 and beyond)", - "licenseId": "LZMA-SDK-9.22", - "seeAlso": [ - "https://www.7-zip.org/sdk.html", - "https://sourceforge.net/projects/sevenzip/files/LZMA%20SDK/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MakeIndex.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MakeIndex.json", - "referenceNumber": 404, - "name": "MakeIndex License", - "licenseId": "MakeIndex", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MakeIndex" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Martin-Birgmeier.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Martin-Birgmeier.json", - "referenceNumber": 402, - "name": "Martin Birgmeier License", - "licenseId": "Martin-Birgmeier", - "seeAlso": [ - "https://github.com/Perl/perl5/blob/blead/util.c#L6136" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/metamail.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/metamail.json", - "referenceNumber": 139, - "name": "metamail License", - "licenseId": "metamail", - "seeAlso": [ - "https://github.com/Dual-Life/mime-base64/blob/master/Base64.xs#L12" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Minpack.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Minpack.json", - "referenceNumber": 547, - "name": "Minpack License", - "licenseId": "Minpack", - "seeAlso": [ - "http://www.netlib.org/minpack/disclaimer", - "https://gitlab.com/libeigen/eigen/-/blob/master/COPYING.MINPACK" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MirOS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MirOS.json", - "referenceNumber": 359, - "name": "The MirOS Licence", - "licenseId": "MirOS", - "seeAlso": [ - "https://opensource.org/licenses/MirOS" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/MIT-Festival.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-Festival.json", - "referenceNumber": 68, - "name": "MIT Festival Variant", - "licenseId": "MIT-Festival", - "seeAlso": [ - "https://github.com/festvox/flite/blob/master/COPYING", - "https://github.com/festvox/speech_tools/blob/master/COPYING" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MIT-Modern-Variant.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-Modern-Variant.json", - "referenceNumber": 475, - "name": "MIT License Modern Variant", - "licenseId": "MIT-Modern-Variant", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:MIT#Modern_Variants", - "https://ptolemy.berkeley.edu/copyright.htm", - "https://pirlwww.lpl.arizona.edu/resources/guide/software/PerlTk/Tixlic.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/MIT-open-group.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-open-group.json", - "referenceNumber": 506, - "name": "MIT Open Group variant", - "licenseId": "MIT-open-group", - "seeAlso": [ - "https://gitlab.freedesktop.org/xorg/app/iceauth/-/blob/master/COPYING", - "https://gitlab.freedesktop.org/xorg/app/xvinfo/-/blob/master/COPYING", - "https://gitlab.freedesktop.org/xorg/app/xsetroot/-/blob/master/COPYING", - "https://gitlab.freedesktop.org/xorg/app/xauth/-/blob/master/COPYING" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MIT-Wu.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-Wu.json", - "referenceNumber": 405, - "name": "MIT Tom Wu Variant", - "licenseId": "MIT-Wu", - "seeAlso": [ - "https://github.com/chromium/octane/blob/master/crypto.js" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MITNFA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MITNFA.json", - "referenceNumber": 114, - "name": "MIT +no-false-attribs license", - "licenseId": "MITNFA", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MITNFA" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Motosoto.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Motosoto.json", - "referenceNumber": 540, - "name": "Motosoto License", - "licenseId": "Motosoto", - "seeAlso": [ - "https://opensource.org/licenses/Motosoto" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/mpi-permissive.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/mpi-permissive.json", - "referenceNumber": 377, - "name": "mpi Permissive License", - "licenseId": "mpi-permissive", - "seeAlso": [ - "https://sources.debian.org/src/openmpi/4.1.0-10/ompi/debuggers/msgq_interface.h/?hl\u003d19#L19" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/mpich2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/mpich2.json", - "referenceNumber": 208, - "name": "mpich2 License", - "licenseId": "mpich2", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MIT" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/mplus.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/mplus.json", - "referenceNumber": 409, - "name": "mplus Font License", - "licenseId": "mplus", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:Mplus?rd\u003dLicensing/mplus" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MTLL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MTLL.json", - "referenceNumber": 67, - "name": "Matrix Template Library License", - "licenseId": "MTLL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Matrix_Template_Library_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MulanPSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MulanPSL-1.0.json", - "referenceNumber": 58, - "name": "Mulan Permissive Software License, Version 1", - "licenseId": "MulanPSL-1.0", - "seeAlso": [ - "https://license.coscl.org.cn/MulanPSL/", - "https://github.com/yuwenlong/longphp/blob/25dfb70cc2a466dc4bb55ba30901cbce08d164b5/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MulanPSL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MulanPSL-2.0.json", - "referenceNumber": 74, - "name": "Mulan Permissive Software License, Version 2", - "licenseId": "MulanPSL-2.0", - "seeAlso": [ - "https://license.coscl.org.cn/MulanPSL2/" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Multics.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Multics.json", - "referenceNumber": 389, - "name": "Multics License", - "licenseId": "Multics", - "seeAlso": [ - "https://opensource.org/licenses/Multics" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Mup.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Mup.json", - "referenceNumber": 4, - "name": "Mup License", - "licenseId": "Mup", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Mup" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NASA-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NASA-1.3.json", - "referenceNumber": 394, - "name": "NASA Open Source Agreement 1.3", - "licenseId": "NASA-1.3", - "seeAlso": [ - "http://ti.arc.nasa.gov/opensource/nosa/", - "https://opensource.org/licenses/NASA-1.3" - ], - "isOsiApproved": true, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/Naumen.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Naumen.json", - "referenceNumber": 240, - "name": "Naumen Public License", - "licenseId": "Naumen", - "seeAlso": [ - "https://opensource.org/licenses/Naumen" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/NBPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NBPL-1.0.json", - "referenceNumber": 177, - "name": "Net Boolean Public License v1", - "licenseId": "NBPL-1.0", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d37b4b3f6cc4bf34e1d3dec61e69914b9819d8894" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NCGL-UK-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NCGL-UK-2.0.json", - "referenceNumber": 492, - "name": "Non-Commercial Government Licence", - "licenseId": "NCGL-UK-2.0", - "seeAlso": [ - "http://www.nationalarchives.gov.uk/doc/non-commercial-government-licence/version/2/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NCSA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NCSA.json", - "referenceNumber": 390, - "name": "University of Illinois/NCSA Open Source License", - "licenseId": "NCSA", - "seeAlso": [ - "http://otm.illinois.edu/uiuc_openSource", - "https://opensource.org/licenses/NCSA" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/NetCDF.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NetCDF.json", - "referenceNumber": 56, - "name": "NetCDF license", - "licenseId": "NetCDF", - "seeAlso": [ - "http://www.unidata.ucar.edu/software/netcdf/copyright.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Newsletr.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Newsletr.json", - "referenceNumber": 137, - "name": "Newsletr License", - "licenseId": "Newsletr", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Newsletr" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NGPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NGPL.json", - "referenceNumber": 436, - "name": "Nethack General Public License", - "licenseId": "NGPL", - "seeAlso": [ - "https://opensource.org/licenses/NGPL" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/NICTA-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NICTA-1.0.json", - "referenceNumber": 256, - "name": "NICTA Public Software License, Version 1.0", - "licenseId": "NICTA-1.0", - "seeAlso": [ - "https://opensource.apple.com/source/mDNSResponder/mDNSResponder-320.10/mDNSPosix/nss_ReadMe.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NIST-PD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NIST-PD.json", - "referenceNumber": 319, - "name": "NIST Public Domain Notice", - "licenseId": "NIST-PD", - "seeAlso": [ - "https://github.com/tcheneau/simpleRPL/blob/e645e69e38dd4e3ccfeceb2db8cba05b7c2e0cd3/LICENSE.txt", - "https://github.com/tcheneau/Routing/blob/f09f46fcfe636107f22f2c98348188a65a135d98/README.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NIST-PD-fallback.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NIST-PD-fallback.json", - "referenceNumber": 233, - "name": "NIST Public Domain Notice with license fallback", - "licenseId": "NIST-PD-fallback", - "seeAlso": [ - "https://github.com/usnistgov/jsip/blob/59700e6926cbe96c5cdae897d9a7d2656b42abe3/LICENSE", - "https://github.com/usnistgov/fipy/blob/86aaa5c2ba2c6f1be19593c5986071cf6568cc34/LICENSE.rst" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NIST-Software.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NIST-Software.json", - "referenceNumber": 198, - "name": "NIST Software License", - "licenseId": "NIST-Software", - "seeAlso": [ - "https://github.com/open-quantum-safe/liboqs/blob/40b01fdbb270f8614fde30e65d30e9da18c02393/src/common/rand/rand_nist.c#L1-L15" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NLOD-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NLOD-1.0.json", - "referenceNumber": 179, - "name": "Norwegian Licence for Open Government Data (NLOD) 1.0", - "licenseId": "NLOD-1.0", - "seeAlso": [ - "http://data.norge.no/nlod/en/1.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NLOD-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NLOD-2.0.json", - "referenceNumber": 234, - "name": "Norwegian Licence for Open Government Data (NLOD) 2.0", - "licenseId": "NLOD-2.0", - "seeAlso": [ - "http://data.norge.no/nlod/en/2.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NLPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NLPL.json", - "referenceNumber": 301, - "name": "No Limit Public License", - "licenseId": "NLPL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/NLPL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Nokia.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Nokia.json", - "referenceNumber": 285, - "name": "Nokia Open Source License", - "licenseId": "Nokia", - "seeAlso": [ - "https://opensource.org/licenses/nokia" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/NOSL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NOSL.json", - "referenceNumber": 438, - "name": "Netizen Open Source License", - "licenseId": "NOSL", - "seeAlso": [ - "http://bits.netizen.com.au/licenses/NOSL/nosl.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Noweb.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Noweb.json", - "referenceNumber": 277, - "name": "Noweb License", - "licenseId": "Noweb", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Noweb" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NPL-1.0.json", - "referenceNumber": 174, - "name": "Netscape Public License v1.0", - "licenseId": "NPL-1.0", - "seeAlso": [ - "http://www.mozilla.org/MPL/NPL/1.0/" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/NPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NPL-1.1.json", - "referenceNumber": 282, - "name": "Netscape Public License v1.1", - "licenseId": "NPL-1.1", - "seeAlso": [ - "http://www.mozilla.org/MPL/NPL/1.1/" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/NPOSL-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NPOSL-3.0.json", - "referenceNumber": 312, - "name": "Non-Profit Open Software License 3.0", - "licenseId": "NPOSL-3.0", - "seeAlso": [ - "https://opensource.org/licenses/NOSL3.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/NRL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NRL.json", - "referenceNumber": 184, - "name": "NRL License", - "licenseId": "NRL", - "seeAlso": [ - "http://web.mit.edu/network/isakmp/nrllicense.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NTP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NTP.json", - "referenceNumber": 55, - "name": "NTP License", - "licenseId": "NTP", - "seeAlso": [ - "https://opensource.org/licenses/NTP" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/NTP-0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NTP-0.json", - "referenceNumber": 257, - "name": "NTP No Attribution", - "licenseId": "NTP-0", - "seeAlso": [ - "https://github.com/tytso/e2fsprogs/blob/master/lib/et/et_name.c" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Nunit.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/Nunit.json", - "referenceNumber": 420, - "name": "Nunit License", - "licenseId": "Nunit", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Nunit" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/O-UDA-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/O-UDA-1.0.json", - "referenceNumber": 468, - "name": "Open Use of Data Agreement v1.0", - "licenseId": "O-UDA-1.0", - "seeAlso": [ - "https://github.com/microsoft/Open-Use-of-Data-Agreement/blob/v1.0/O-UDA-1.0.md", - "https://cdla.dev/open-use-of-data-agreement-v1-0/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OCCT-PL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OCCT-PL.json", - "referenceNumber": 444, - "name": "Open CASCADE Technology Public License", - "licenseId": "OCCT-PL", - "seeAlso": [ - "http://www.opencascade.com/content/occt-public-license" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OCLC-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OCLC-2.0.json", - "referenceNumber": 17, - "name": "OCLC Research Public License 2.0", - "licenseId": "OCLC-2.0", - "seeAlso": [ - "http://www.oclc.org/research/activities/software/license/v2final.htm", - "https://opensource.org/licenses/OCLC-2.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/ODbL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ODbL-1.0.json", - "referenceNumber": 39, - "name": "Open Data Commons Open Database License v1.0", - "licenseId": "ODbL-1.0", - "seeAlso": [ - "http://www.opendatacommons.org/licenses/odbl/1.0/", - "https://opendatacommons.org/licenses/odbl/1-0/" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/ODC-By-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ODC-By-1.0.json", - "referenceNumber": 254, - "name": "Open Data Commons Attribution License v1.0", - "licenseId": "ODC-By-1.0", - "seeAlso": [ - "https://opendatacommons.org/licenses/by/1.0/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OFFIS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OFFIS.json", - "referenceNumber": 172, - "name": "OFFIS License", - "licenseId": "OFFIS", - "seeAlso": [ - "https://sourceforge.net/p/xmedcon/code/ci/master/tree/libs/dicom/README" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGC-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGC-1.0.json", - "referenceNumber": 387, - "name": "OGC Software License, Version 1.0", - "licenseId": "OGC-1.0", - "seeAlso": [ - "https://www.ogc.org/ogc/software/1.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGDL-Taiwan-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGDL-Taiwan-1.0.json", - "referenceNumber": 501, - "name": "Taiwan Open Government Data License, version 1.0", - "licenseId": "OGDL-Taiwan-1.0", - "seeAlso": [ - "https://data.gov.tw/license" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGL-Canada-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGL-Canada-2.0.json", - "referenceNumber": 426, - "name": "Open Government Licence - Canada", - "licenseId": "OGL-Canada-2.0", - "seeAlso": [ - "https://open.canada.ca/en/open-government-licence-canada" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGL-UK-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGL-UK-1.0.json", - "referenceNumber": 230, - "name": "Open Government Licence v1.0", - "licenseId": "OGL-UK-1.0", - "seeAlso": [ - "http://www.nationalarchives.gov.uk/doc/open-government-licence/version/1/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGL-UK-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGL-UK-2.0.json", - "referenceNumber": 232, - "name": "Open Government Licence v2.0", - "licenseId": "OGL-UK-2.0", - "seeAlso": [ - "http://www.nationalarchives.gov.uk/doc/open-government-licence/version/2/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGL-UK-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGL-UK-3.0.json", - "referenceNumber": 343, - "name": "Open Government Licence v3.0", - "licenseId": "OGL-UK-3.0", - "seeAlso": [ - "http://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGTSL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGTSL.json", - "referenceNumber": 62, - "name": "Open Group Test Suite License", - "licenseId": "OGTSL", - "seeAlso": [ - "http://www.opengroup.org/testing/downloads/The_Open_Group_TSL.txt", - "https://opensource.org/licenses/OGTSL" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OLDAP-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-1.1.json", - "referenceNumber": 291, - "name": "Open LDAP Public License v1.1", - "licenseId": "OLDAP-1.1", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d806557a5ad59804ef3a44d5abfbe91d706b0791f" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-1.2.json", - "referenceNumber": 227, - "name": "Open LDAP Public License v1.2", - "licenseId": "OLDAP-1.2", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d42b0383c50c299977b5893ee695cf4e486fb0dc7" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-1.3.json", - "referenceNumber": 151, - "name": "Open LDAP Public License v1.3", - "licenseId": "OLDAP-1.3", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003de5f8117f0ce088d0bd7a8e18ddf37eaa40eb09b1" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-1.4.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-1.4.json", - "referenceNumber": 259, - "name": "Open LDAP Public License v1.4", - "licenseId": "OLDAP-1.4", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003dc9f95c2f3f2ffb5e0ae55fe7388af75547660941" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.0.json", - "referenceNumber": 242, - "name": "Open LDAP Public License v2.0 (or possibly 2.0A and 2.0B)", - "licenseId": "OLDAP-2.0", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003dcbf50f4e1185a21abd4c0a54d3f4341fe28f36ea" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.0.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.0.1.json", - "referenceNumber": 471, - "name": "Open LDAP Public License v2.0.1", - "licenseId": "OLDAP-2.0.1", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003db6d68acd14e51ca3aab4428bf26522aa74873f0e" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.1.json", - "referenceNumber": 443, - "name": "Open LDAP Public License v2.1", - "licenseId": "OLDAP-2.1", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003db0d176738e96a0d3b9f85cb51e140a86f21be715" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.2.json", - "referenceNumber": 210, - "name": "Open LDAP Public License v2.2", - "licenseId": "OLDAP-2.2", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d470b0c18ec67621c85881b2733057fecf4a1acc3" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.2.1.json", - "referenceNumber": 375, - "name": "Open LDAP Public License v2.2.1", - "licenseId": "OLDAP-2.2.1", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d4bc786f34b50aa301be6f5600f58a980070f481e" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.2.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.2.2.json", - "referenceNumber": 305, - "name": "Open LDAP Public License 2.2.2", - "licenseId": "OLDAP-2.2.2", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003ddf2cc1e21eb7c160695f5b7cffd6296c151ba188" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.3.json", - "referenceNumber": 215, - "name": "Open LDAP Public License v2.3", - "licenseId": "OLDAP-2.3", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003dd32cf54a32d581ab475d23c810b0a7fbaf8d63c3" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.4.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.4.json", - "referenceNumber": 91, - "name": "Open LDAP Public License v2.4", - "licenseId": "OLDAP-2.4", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003dcd1284c4a91a8a380d904eee68d1583f989ed386" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.5.json", - "referenceNumber": 535, - "name": "Open LDAP Public License v2.5", - "licenseId": "OLDAP-2.5", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d6852b9d90022e8593c98205413380536b1b5a7cf" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.6.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.6.json", - "referenceNumber": 499, - "name": "Open LDAP Public License v2.6", - "licenseId": "OLDAP-2.6", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d1cae062821881f41b73012ba816434897abf4205" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.7.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.7.json", - "referenceNumber": 386, - "name": "Open LDAP Public License v2.7", - "licenseId": "OLDAP-2.7", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d47c2415c1df81556eeb39be6cad458ef87c534a2" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.8.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.8.json", - "referenceNumber": 205, - "name": "Open LDAP Public License v2.8", - "licenseId": "OLDAP-2.8", - "seeAlso": [ - "http://www.openldap.org/software/release/license.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OLFL-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLFL-1.3.json", - "referenceNumber": 61, - "name": "Open Logistics Foundation License Version 1.3", - "licenseId": "OLFL-1.3", - "seeAlso": [ - "https://openlogisticsfoundation.org/licenses/", - "https://opensource.org/license/olfl-1-3/" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OML.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OML.json", - "referenceNumber": 528, - "name": "Open Market License", - "licenseId": "OML", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Open_Market_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OpenPBS-2.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OpenPBS-2.3.json", - "referenceNumber": 252, - "name": "OpenPBS v2.3 Software License", - "licenseId": "OpenPBS-2.3", - "seeAlso": [ - "https://github.com/adaptivecomputing/torque/blob/master/PBS_License.txt", - "https://www.mcs.anl.gov/research/projects/openpbs/PBS_License.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OPL-1.0.json", - "referenceNumber": 171, - "name": "Open Public License v1.0", - "licenseId": "OPL-1.0", - "seeAlso": [ - "http://old.koalateam.com/jackaroo/OPL_1_0.TXT", - "https://fedoraproject.org/wiki/Licensing/Open_Public_License" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/OPUBL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OPUBL-1.0.json", - "referenceNumber": 279, - "name": "Open Publication License v1.0", - "licenseId": "OPUBL-1.0", - "seeAlso": [ - "http://opencontent.org/openpub/", - "https://www.debian.org/opl", - "https://www.ctan.org/license/opl" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OSET-PL-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSET-PL-2.1.json", - "referenceNumber": 412, - "name": "OSET Public License version 2.1", - "licenseId": "OSET-PL-2.1", - "seeAlso": [ - "http://www.osetfoundation.org/public-license", - "https://opensource.org/licenses/OPL-2.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-1.0.json", - "referenceNumber": 459, - "name": "Open Software License 1.0", - "licenseId": "OSL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/OSL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OSL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-1.1.json", - "referenceNumber": 197, - "name": "Open Software License 1.1", - "licenseId": "OSL-1.1", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/OSL1.1" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OSL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-2.0.json", - "referenceNumber": 513, - "name": "Open Software License 2.0", - "licenseId": "OSL-2.0", - "seeAlso": [ - "http://web.archive.org/web/20041020171434/http://www.rosenlaw.com/osl2.0.html" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OSL-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-2.1.json", - "referenceNumber": 452, - "name": "Open Software License 2.1", - "licenseId": "OSL-2.1", - "seeAlso": [ - "http://web.archive.org/web/20050212003940/http://www.rosenlaw.com/osl21.htm", - "https://opensource.org/licenses/OSL-2.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OSL-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-3.0.json", - "referenceNumber": 446, - "name": "Open Software License 3.0", - "licenseId": "OSL-3.0", - "seeAlso": [ - "https://web.archive.org/web/20120101081418/http://rosenlaw.com:80/OSL3.0.htm", - "https://opensource.org/licenses/OSL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Parity-6.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Parity-6.0.0.json", - "referenceNumber": 315, - "name": "The Parity Public License 6.0.0", - "licenseId": "Parity-6.0.0", - "seeAlso": [ - "https://paritylicense.com/versions/6.0.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Parity-7.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Parity-7.0.0.json", - "referenceNumber": 352, - "name": "The Parity Public License 7.0.0", - "licenseId": "Parity-7.0.0", - "seeAlso": [ - "https://paritylicense.com/versions/7.0.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/PDDL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PDDL-1.0.json", - "referenceNumber": 398, - "name": "Open Data Commons Public Domain Dedication \u0026 License 1.0", - "licenseId": "PDDL-1.0", - "seeAlso": [ - "http://opendatacommons.org/licenses/pddl/1.0/", - "https://opendatacommons.org/licenses/pddl/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/PolyForm-Noncommercial-1.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PolyForm-Noncommercial-1.0.0.json", - "referenceNumber": 388, - "name": "PolyForm Noncommercial License 1.0.0", - "licenseId": "PolyForm-Noncommercial-1.0.0", - "seeAlso": [ - "https://polyformproject.org/licenses/noncommercial/1.0.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/PolyForm-Small-Business-1.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PolyForm-Small-Business-1.0.0.json", - "referenceNumber": 526, - "name": "PolyForm Small Business License 1.0.0", - "licenseId": "PolyForm-Small-Business-1.0.0", - "seeAlso": [ - "https://polyformproject.org/licenses/small-business/1.0.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/PSF-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PSF-2.0.json", - "referenceNumber": 85, - "name": "Python Software Foundation License 2.0", - "licenseId": "PSF-2.0", - "seeAlso": [ - "https://opensource.org/licenses/Python-2.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/psfrag.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/psfrag.json", - "referenceNumber": 255, - "name": "psfrag License", - "licenseId": "psfrag", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/psfrag" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/psutils.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/psutils.json", - "referenceNumber": 325, - "name": "psutils License", - "licenseId": "psutils", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/psutils" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Qhull.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Qhull.json", - "referenceNumber": 378, - "name": "Qhull License", - "licenseId": "Qhull", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Qhull" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/QPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/QPL-1.0.json", - "referenceNumber": 118, - "name": "Q Public License 1.0", - "licenseId": "QPL-1.0", - "seeAlso": [ - "http://doc.qt.nokia.com/3.3/license.html", - "https://opensource.org/licenses/QPL-1.0", - "https://doc.qt.io/archives/3.3/license.html" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/QPL-1.0-INRIA-2004.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/QPL-1.0-INRIA-2004.json", - "referenceNumber": 480, - "name": "Q Public License 1.0 - INRIA 2004 variant", - "licenseId": "QPL-1.0-INRIA-2004", - "seeAlso": [ - "https://github.com/maranget/hevea/blob/master/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Rdisc.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Rdisc.json", - "referenceNumber": 45, - "name": "Rdisc License", - "licenseId": "Rdisc", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Rdisc_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/RHeCos-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RHeCos-1.1.json", - "referenceNumber": 453, - "name": "Red Hat eCos Public License v1.1", - "licenseId": "RHeCos-1.1", - "seeAlso": [ - "http://ecos.sourceware.org/old-license.html" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/RPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RPL-1.1.json", - "referenceNumber": 512, - "name": "Reciprocal Public License 1.1", - "licenseId": "RPL-1.1", - "seeAlso": [ - "https://opensource.org/licenses/RPL-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/RPL-1.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RPL-1.5.json", - "referenceNumber": 76, - "name": "Reciprocal Public License 1.5", - "licenseId": "RPL-1.5", - "seeAlso": [ - "https://opensource.org/licenses/RPL-1.5" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/RPSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RPSL-1.0.json", - "referenceNumber": 510, - "name": "RealNetworks Public Source License v1.0", - "licenseId": "RPSL-1.0", - "seeAlso": [ - "https://helixcommunity.org/content/rpsl", - "https://opensource.org/licenses/RPSL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/RSCPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RSCPL.json", - "referenceNumber": 287, - "name": "Ricoh Source Code Public License", - "licenseId": "RSCPL", - "seeAlso": [ - "http://wayback.archive.org/web/20060715140826/http://www.risource.org/RPL/RPL-1.0A.shtml", - "https://opensource.org/licenses/RSCPL" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/SAX-PD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SAX-PD.json", - "referenceNumber": 435, - "name": "Sax Public Domain Notice", - "licenseId": "SAX-PD", - "seeAlso": [ - "http://www.saxproject.org/copying.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Saxpath.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Saxpath.json", - "referenceNumber": 460, - "name": "Saxpath License", - "licenseId": "Saxpath", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Saxpath_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SchemeReport.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SchemeReport.json", - "referenceNumber": 525, - "name": "Scheme Language Report License", - "licenseId": "SchemeReport", - "seeAlso": [], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Sendmail.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Sendmail.json", - "referenceNumber": 432, - "name": "Sendmail License", - "licenseId": "Sendmail", - "seeAlso": [ - "http://www.sendmail.com/pdfs/open_source/sendmail_license.pdf", - "https://web.archive.org/web/20160322142305/https://www.sendmail.com/pdfs/open_source/sendmail_license.pdf" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Sendmail-8.23.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Sendmail-8.23.json", - "referenceNumber": 236, - "name": "Sendmail License 8.23", - "licenseId": "Sendmail-8.23", - "seeAlso": [ - "https://www.proofpoint.com/sites/default/files/sendmail-license.pdf", - "https://web.archive.org/web/20181003101040/https://www.proofpoint.com/sites/default/files/sendmail-license.pdf" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SGI-B-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SGI-B-1.0.json", - "referenceNumber": 18, - "name": "SGI Free Software License B v1.0", - "licenseId": "SGI-B-1.0", - "seeAlso": [ - "http://oss.sgi.com/projects/FreeB/SGIFreeSWLicB.1.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SGI-B-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SGI-B-1.1.json", - "referenceNumber": 328, - "name": "SGI Free Software License B v1.1", - "licenseId": "SGI-B-1.1", - "seeAlso": [ - "http://oss.sgi.com/projects/FreeB/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SGI-B-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SGI-B-2.0.json", - "referenceNumber": 497, - "name": "SGI Free Software License B v2.0", - "licenseId": "SGI-B-2.0", - "seeAlso": [ - "http://oss.sgi.com/projects/FreeB/SGIFreeSWLicB.2.0.pdf" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SGP4.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SGP4.json", - "referenceNumber": 294, - "name": "SGP4 Permission Notice", - "licenseId": "SGP4", - "seeAlso": [ - "https://celestrak.org/publications/AIAA/2006-6753/faq.php" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SHL-0.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SHL-0.5.json", - "referenceNumber": 422, - "name": "Solderpad Hardware License v0.5", - "licenseId": "SHL-0.5", - "seeAlso": [ - "https://solderpad.org/licenses/SHL-0.5/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SHL-0.51.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SHL-0.51.json", - "referenceNumber": 374, - "name": "Solderpad Hardware License, Version 0.51", - "licenseId": "SHL-0.51", - "seeAlso": [ - "https://solderpad.org/licenses/SHL-0.51/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SimPL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SimPL-2.0.json", - "referenceNumber": 302, - "name": "Simple Public License 2.0", - "licenseId": "SimPL-2.0", - "seeAlso": [ - "https://opensource.org/licenses/SimPL-2.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Sleepycat.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Sleepycat.json", - "referenceNumber": 449, - "name": "Sleepycat License", - "licenseId": "Sleepycat", - "seeAlso": [ - "https://opensource.org/licenses/Sleepycat" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SMLNJ.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SMLNJ.json", - "referenceNumber": 406, - "name": "Standard ML of New Jersey License", - "licenseId": "SMLNJ", - "seeAlso": [ - "https://www.smlnj.org/license.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SMPPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SMPPL.json", - "referenceNumber": 31, - "name": "Secure Messaging Protocol Public License", - "licenseId": "SMPPL", - "seeAlso": [ - "https://github.com/dcblake/SMP/blob/master/Documentation/License.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SNIA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SNIA.json", - "referenceNumber": 249, - "name": "SNIA Public License 1.1", - "licenseId": "SNIA", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/SNIA_Public_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/snprintf.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/snprintf.json", - "referenceNumber": 353, - "name": "snprintf License", - "licenseId": "snprintf", - "seeAlso": [ - "https://github.com/openssh/openssh-portable/blob/master/openbsd-compat/bsd-snprintf.c#L2" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SPL-1.0.json", - "referenceNumber": 120, - "name": "Sun Public License v1.0", - "licenseId": "SPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/SPL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SSH-OpenSSH.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SSH-OpenSSH.json", - "referenceNumber": 14, - "name": "SSH OpenSSH license", - "licenseId": "SSH-OpenSSH", - "seeAlso": [ - "https://github.com/openssh/openssh-portable/blob/1b11ea7c58cd5c59838b5fa574cd456d6047b2d4/LICENCE#L10" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SSH-short.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SSH-short.json", - "referenceNumber": 532, - "name": "SSH short notice", - "licenseId": "SSH-short", - "seeAlso": [ - "https://github.com/openssh/openssh-portable/blob/1b11ea7c58cd5c59838b5fa574cd456d6047b2d4/pathnames.h", - "http://web.mit.edu/kolya/.f/root/athena.mit.edu/sipb.mit.edu/project/openssh/OldFiles/src/openssh-2.9.9p2/ssh-add.1", - "https://joinup.ec.europa.eu/svn/lesoll/trunk/italc/lib/src/dsa_key.cpp" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/StandardML-NJ.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/StandardML-NJ.json", - "referenceNumber": 262, - "name": "Standard ML of New Jersey License", - "licenseId": "StandardML-NJ", - "seeAlso": [ - "https://www.smlnj.org/license.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SugarCRM-1.1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SugarCRM-1.1.3.json", - "referenceNumber": 41, - "name": "SugarCRM Public License v1.1.3", - "licenseId": "SugarCRM-1.1.3", - "seeAlso": [ - "http://www.sugarcrm.com/crm/SPL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SunPro.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SunPro.json", - "referenceNumber": 311, - "name": "SunPro License", - "licenseId": "SunPro", - "seeAlso": [ - "https://github.com/freebsd/freebsd-src/blob/main/lib/msun/src/e_acosh.c", - "https://github.com/freebsd/freebsd-src/blob/main/lib/msun/src/e_lgammal.c" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SWL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SWL.json", - "referenceNumber": 368, - "name": "Scheme Widget Library (SWL) Software License Agreement", - "licenseId": "SWL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/SWL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Symlinks.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Symlinks.json", - "referenceNumber": 326, - "name": "Symlinks License", - "licenseId": "Symlinks", - "seeAlso": [ - "https://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg11494.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TAPR-OHL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TAPR-OHL-1.0.json", - "referenceNumber": 309, - "name": "TAPR Open Hardware License v1.0", - "licenseId": "TAPR-OHL-1.0", - "seeAlso": [ - "https://www.tapr.org/OHL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TCL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TCL.json", - "referenceNumber": 271, - "name": "TCL/TK License", - "licenseId": "TCL", - "seeAlso": [ - "http://www.tcl.tk/software/tcltk/license.html", - "https://fedoraproject.org/wiki/Licensing/TCL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TCP-wrappers.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TCP-wrappers.json", - "referenceNumber": 293, - "name": "TCP Wrappers License", - "licenseId": "TCP-wrappers", - "seeAlso": [ - "http://rc.quest.com/topics/openssh/license.php#tcpwrappers" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TermReadKey.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TermReadKey.json", - "referenceNumber": 191, - "name": "TermReadKey License", - "licenseId": "TermReadKey", - "seeAlso": [ - "https://github.com/jonathanstowe/TermReadKey/blob/master/README#L9-L10" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TMate.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TMate.json", - "referenceNumber": 231, - "name": "TMate Open Source License", - "licenseId": "TMate", - "seeAlso": [ - "http://svnkit.com/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TORQUE-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TORQUE-1.1.json", - "referenceNumber": 25, - "name": "TORQUE v2.5+ Software License v1.1", - "licenseId": "TORQUE-1.1", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/TORQUEv1.1" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TOSL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TOSL.json", - "referenceNumber": 313, - "name": "Trusster Open Source License", - "licenseId": "TOSL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/TOSL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TPDL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TPDL.json", - "referenceNumber": 331, - "name": "Time::ParseDate License", - "licenseId": "TPDL", - "seeAlso": [ - "https://metacpan.org/pod/Time::ParseDate#LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TPL-1.0.json", - "referenceNumber": 456, - "name": "THOR Public License 1.0", - "licenseId": "TPL-1.0", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:ThorPublicLicense" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TTWL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TTWL.json", - "referenceNumber": 60, - "name": "Text-Tabs+Wrap License", - "licenseId": "TTWL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/TTWL", - "https://github.com/ap/Text-Tabs/blob/master/lib.modern/Text/Tabs.pm#L148" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TU-Berlin-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TU-Berlin-1.0.json", - "referenceNumber": 248, - "name": "Technische Universitaet Berlin License 1.0", - "licenseId": "TU-Berlin-1.0", - "seeAlso": [ - "https://github.com/swh/ladspa/blob/7bf6f3799fdba70fda297c2d8fd9f526803d9680/gsm/COPYRIGHT" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TU-Berlin-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TU-Berlin-2.0.json", - "referenceNumber": 455, - "name": "Technische Universitaet Berlin License 2.0", - "licenseId": "TU-Berlin-2.0", - "seeAlso": [ - "https://github.com/CorsixTH/deps/blob/fd339a9f526d1d9c9f01ccf39e438a015da50035/licences/libgsm.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/UCAR.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/UCAR.json", - "referenceNumber": 94, - "name": "UCAR License", - "licenseId": "UCAR", - "seeAlso": [ - "https://github.com/Unidata/UDUNITS-2/blob/master/COPYRIGHT" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/UCL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/UCL-1.0.json", - "referenceNumber": 122, - "name": "Upstream Compatibility License v1.0", - "licenseId": "UCL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/UCL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Unlicense.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Unlicense.json", - "referenceNumber": 538, - "name": "The Unlicense", - "licenseId": "Unlicense", - "seeAlso": [ - "https://unlicense.org/" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/UPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/UPL-1.0.json", - "referenceNumber": 379, - "name": "Universal Permissive License v1.0", - "licenseId": "UPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/UPL" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Vim.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Vim.json", - "referenceNumber": 195, - "name": "Vim License", - "licenseId": "Vim", - "seeAlso": [ - "http://vimdoc.sourceforge.net/htmldoc/uganda.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/VOSTROM.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/VOSTROM.json", - "referenceNumber": 502, - "name": "VOSTROM Public License for Open Source", - "licenseId": "VOSTROM", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/VOSTROM" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/VSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/VSL-1.0.json", - "referenceNumber": 440, - "name": "Vovida Software License v1.0", - "licenseId": "VSL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/VSL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Watcom-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Watcom-1.0.json", - "referenceNumber": 106, - "name": "Sybase Open Watcom Public License 1.0", - "licenseId": "Watcom-1.0", - "seeAlso": [ - "https://opensource.org/licenses/Watcom-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/Widget-Workshop.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Widget-Workshop.json", - "referenceNumber": 143, - "name": "Widget Workshop License", - "licenseId": "Widget-Workshop", - "seeAlso": [ - "https://github.com/novnc/noVNC/blob/master/core/crypto/des.js#L24" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Wsuipa.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Wsuipa.json", - "referenceNumber": 372, - "name": "Wsuipa License", - "licenseId": "Wsuipa", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Wsuipa" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/wxWindows.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/wxWindows.json", - "referenceNumber": 221, - "name": "wxWindows Library License", - "licenseId": "wxWindows", - "seeAlso": [ - "https://opensource.org/licenses/WXwindows" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/X11.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/X11.json", - "referenceNumber": 522, - "name": "X11 License", - "licenseId": "X11", - "seeAlso": [ - "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Xdebug-1.03.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Xdebug-1.03.json", - "referenceNumber": 411, - "name": "Xdebug License v 1.03", - "licenseId": "Xdebug-1.03", - "seeAlso": [ - "https://github.com/xdebug/xdebug/blob/master/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Xerox.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Xerox.json", - "referenceNumber": 364, - "name": "Xerox License", - "licenseId": "Xerox", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Xerox" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Xfig.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Xfig.json", - "referenceNumber": 173, - "name": "Xfig License", - "licenseId": "Xfig", - "seeAlso": [ - "https://github.com/Distrotech/transfig/blob/master/transfig/transfig.c", - "https://fedoraproject.org/wiki/Licensing:MIT#Xfig_Variant", - "https://sourceforge.net/p/mcj/xfig/ci/master/tree/src/Makefile.am" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/XFree86-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/XFree86-1.1.json", - "referenceNumber": 104, - "name": "XFree86 License 1.1", - "licenseId": "XFree86-1.1", - "seeAlso": [ - "http://www.xfree86.org/current/LICENSE4.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/xinetd.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/xinetd.json", - "referenceNumber": 505, - "name": "xinetd License", - "licenseId": "xinetd", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Xinetd_License" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/xlock.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/xlock.json", - "referenceNumber": 289, - "name": "xlock License", - "licenseId": "xlock", - "seeAlso": [ - "https://fossies.org/linux/tiff/contrib/ras/ras2tif.c" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/xpp.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/xpp.json", - "referenceNumber": 269, - "name": "XPP License", - "licenseId": "xpp", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/xpp" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/XSkat.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/XSkat.json", - "referenceNumber": 407, - "name": "XSkat License", - "licenseId": "XSkat", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/XSkat_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/YPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/YPL-1.0.json", - "referenceNumber": 216, - "name": "Yahoo! Public License v1.0", - "licenseId": "YPL-1.0", - "seeAlso": [ - "http://www.zimbra.com/license/yahoo_public_license_1.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/YPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/YPL-1.1.json", - "referenceNumber": 283, - "name": "Yahoo! Public License v1.1", - "licenseId": "YPL-1.1", - "seeAlso": [ - "http://www.zimbra.com/license/yahoo_public_license_1.1.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Zed.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Zed.json", - "referenceNumber": 275, - "name": "Zed License", - "licenseId": "Zed", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Zed" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Zimbra-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Zimbra-1.3.json", - "referenceNumber": 489, - "name": "Zimbra Public License v1.3", - "licenseId": "Zimbra-1.3", - "seeAlso": [ - "http://web.archive.org/web/20100302225219/http://www.zimbra.com/license/zimbra-public-license-1-3.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Zimbra-1.4.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Zimbra-1.4.json", - "referenceNumber": 421, - "name": "Zimbra Public License v1.4", - "licenseId": "Zimbra-1.4", - "seeAlso": [ - "http://www.zimbra.com/legal/zimbra-public-license-1-4" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ZPL-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ZPL-2.1.json", - "referenceNumber": 454, - "name": "Zope Public License 2.1", - "licenseId": "ZPL-2.1", - "seeAlso": [ - "http://old.zope.org/Resources/ZPL/" - ], - "isOsiApproved": true, - "isFsfLibre": true - } - ], - "releaseDate": "2023-05-17" -} \ No newline at end of file diff --git a/docs/spdx-licenses-3-20.json b/docs/spdx-licenses-3-20.json deleted file mode 100644 index c9bff445..00000000 --- a/docs/spdx-licenses-3-20.json +++ /dev/null @@ -1,6950 +0,0 @@ -{ - "licenseListVersion": "4fe3e61", - "licenses": [ - { - "reference": "https://spdx.org/licenses/0BSD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/0BSD.json", - "referenceNumber": 424, - "name": "BSD Zero Clause License", - "licenseId": "0BSD", - "seeAlso": [ - "http://landley.net/toybox/license.html", - "https://opensource.org/licenses/0BSD" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/AAL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AAL.json", - "referenceNumber": 29, - "name": "Attribution Assurance License", - "licenseId": "AAL", - "seeAlso": [ - "https://opensource.org/licenses/attribution" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Abstyles.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Abstyles.json", - "referenceNumber": 224, - "name": "Abstyles License", - "licenseId": "Abstyles", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Abstyles" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AdaCore-doc.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AdaCore-doc.json", - "referenceNumber": 370, - "name": "AdaCore Doc License", - "licenseId": "AdaCore-doc", - "seeAlso": [ - "https://github.com/AdaCore/xmlada/blob/master/docs/index.rst", - "https://github.com/AdaCore/gnatcoll-core/blob/master/docs/index.rst", - "https://github.com/AdaCore/gnatcoll-db/blob/master/docs/index.rst" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Adobe-2006.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Adobe-2006.json", - "referenceNumber": 445, - "name": "Adobe Systems Incorporated Source Code License Agreement", - "licenseId": "Adobe-2006", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/AdobeLicense" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Adobe-Glyph.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Adobe-Glyph.json", - "referenceNumber": 376, - "name": "Adobe Glyph List License", - "licenseId": "Adobe-Glyph", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MIT#AdobeGlyph" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ADSL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ADSL.json", - "referenceNumber": 154, - "name": "Amazon Digital Services License", - "licenseId": "ADSL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/AmazonDigitalServicesLicense" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AFL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AFL-1.1.json", - "referenceNumber": 266, - "name": "Academic Free License v1.1", - "licenseId": "AFL-1.1", - "seeAlso": [ - "http://opensource.linux-mirror.org/licenses/afl-1.1.txt", - "http://wayback.archive.org/web/20021004124254/http://www.opensource.org/licenses/academic.php" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/AFL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AFL-1.2.json", - "referenceNumber": 356, - "name": "Academic Free License v1.2", - "licenseId": "AFL-1.2", - "seeAlso": [ - "http://opensource.linux-mirror.org/licenses/afl-1.2.txt", - "http://wayback.archive.org/web/20021204204652/http://www.opensource.org/licenses/academic.php" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/AFL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AFL-2.0.json", - "referenceNumber": 32, - "name": "Academic Free License v2.0", - "licenseId": "AFL-2.0", - "seeAlso": [ - "http://wayback.archive.org/web/20060924134533/http://www.opensource.org/licenses/afl-2.0.txt" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/AFL-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AFL-2.1.json", - "referenceNumber": 316, - "name": "Academic Free License v2.1", - "licenseId": "AFL-2.1", - "seeAlso": [ - "http://opensource.linux-mirror.org/licenses/afl-2.1.txt" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/AFL-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AFL-3.0.json", - "referenceNumber": 241, - "name": "Academic Free License v3.0", - "licenseId": "AFL-3.0", - "seeAlso": [ - "http://www.rosenlaw.com/AFL3.0.htm", - "https://opensource.org/licenses/afl-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Afmparse.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Afmparse.json", - "referenceNumber": 461, - "name": "Afmparse License", - "licenseId": "Afmparse", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Afmparse" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AGPL-1.0.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/AGPL-1.0.json", - "referenceNumber": 170, - "name": "Affero General Public License v1.0", - "licenseId": "AGPL-1.0", - "seeAlso": [ - "http://www.affero.org/oagpl.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/AGPL-1.0-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AGPL-1.0-only.json", - "referenceNumber": 162, - "name": "Affero General Public License v1.0 only", - "licenseId": "AGPL-1.0-only", - "seeAlso": [ - "http://www.affero.org/oagpl.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AGPL-1.0-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AGPL-1.0-or-later.json", - "referenceNumber": 185, - "name": "Affero General Public License v1.0 or later", - "licenseId": "AGPL-1.0-or-later", - "seeAlso": [ - "http://www.affero.org/oagpl.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AGPL-3.0.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/AGPL-3.0.json", - "referenceNumber": 199, - "name": "GNU Affero General Public License v3.0", - "licenseId": "AGPL-3.0", - "seeAlso": [ - "https://www.gnu.org/licenses/agpl.txt", - "https://opensource.org/licenses/AGPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/AGPL-3.0-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AGPL-3.0-only.json", - "referenceNumber": 321, - "name": "GNU Affero General Public License v3.0 only", - "licenseId": "AGPL-3.0-only", - "seeAlso": [ - "https://www.gnu.org/licenses/agpl.txt", - "https://opensource.org/licenses/AGPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/AGPL-3.0-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AGPL-3.0-or-later.json", - "referenceNumber": 380, - "name": "GNU Affero General Public License v3.0 or later", - "licenseId": "AGPL-3.0-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/agpl.txt", - "https://opensource.org/licenses/AGPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Aladdin.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Aladdin.json", - "referenceNumber": 196, - "name": "Aladdin Free Public License", - "licenseId": "Aladdin", - "seeAlso": [ - "http://pages.cs.wisc.edu/~ghost/doc/AFPL/6.01/Public.htm" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/AMDPLPA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AMDPLPA.json", - "referenceNumber": 155, - "name": "AMD\u0027s plpa_map.c License", - "licenseId": "AMDPLPA", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/AMD_plpa_map_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AML.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AML.json", - "referenceNumber": 415, - "name": "Apple MIT License", - "licenseId": "AML", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Apple_MIT_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/AMPAS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/AMPAS.json", - "referenceNumber": 12, - "name": "Academy of Motion Picture Arts and Sciences BSD", - "licenseId": "AMPAS", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/BSD#AMPASBSD" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ANTLR-PD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ANTLR-PD.json", - "referenceNumber": 408, - "name": "ANTLR Software Rights Notice", - "licenseId": "ANTLR-PD", - "seeAlso": [ - "http://www.antlr2.org/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ANTLR-PD-fallback.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ANTLR-PD-fallback.json", - "referenceNumber": 300, - "name": "ANTLR Software Rights Notice with license fallback", - "licenseId": "ANTLR-PD-fallback", - "seeAlso": [ - "http://www.antlr2.org/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Apache-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Apache-1.0.json", - "referenceNumber": 401, - "name": "Apache License 1.0", - "licenseId": "Apache-1.0", - "seeAlso": [ - "http://www.apache.org/licenses/LICENSE-1.0" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Apache-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Apache-1.1.json", - "referenceNumber": 495, - "name": "Apache License 1.1", - "licenseId": "Apache-1.1", - "seeAlso": [ - "http://apache.org/licenses/LICENSE-1.1", - "https://opensource.org/licenses/Apache-1.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Apache-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Apache-2.0.json", - "referenceNumber": 158, - "name": "Apache License 2.0", - "licenseId": "Apache-2.0", - "seeAlso": [ - "https://www.apache.org/licenses/LICENSE-2.0", - "https://opensource.org/licenses/Apache-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/APAFML.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/APAFML.json", - "referenceNumber": 441, - "name": "Adobe Postscript AFM License", - "licenseId": "APAFML", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/AdobePostscriptAFM" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/APL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/APL-1.0.json", - "referenceNumber": 349, - "name": "Adaptive Public License 1.0", - "licenseId": "APL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/APL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/App-s2p.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/App-s2p.json", - "referenceNumber": 38, - "name": "App::s2p License", - "licenseId": "App-s2p", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/App-s2p" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/APSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/APSL-1.0.json", - "referenceNumber": 467, - "name": "Apple Public Source License 1.0", - "licenseId": "APSL-1.0", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Apple_Public_Source_License_1.0" - ], - "isOsiApproved": true, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/APSL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/APSL-1.1.json", - "referenceNumber": 253, - "name": "Apple Public Source License 1.1", - "licenseId": "APSL-1.1", - "seeAlso": [ - "http://www.opensource.apple.com/source/IOSerialFamily/IOSerialFamily-7/APPLE_LICENSE" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/APSL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/APSL-1.2.json", - "referenceNumber": 362, - "name": "Apple Public Source License 1.2", - "licenseId": "APSL-1.2", - "seeAlso": [ - "http://www.samurajdata.se/opensource/mirror/licenses/apsl.php" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/APSL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/APSL-2.0.json", - "referenceNumber": 474, - "name": "Apple Public Source License 2.0", - "licenseId": "APSL-2.0", - "seeAlso": [ - "http://www.opensource.apple.com/license/apsl/" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Arphic-1999.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Arphic-1999.json", - "referenceNumber": 274, - "name": "Arphic Public License", - "licenseId": "Arphic-1999", - "seeAlso": [ - "http://ftp.gnu.org/gnu/non-gnu/chinese-fonts-truetype/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Artistic-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Artistic-1.0.json", - "referenceNumber": 396, - "name": "Artistic License 1.0", - "licenseId": "Artistic-1.0", - "seeAlso": [ - "https://opensource.org/licenses/Artistic-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/Artistic-1.0-cl8.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Artistic-1.0-cl8.json", - "referenceNumber": 161, - "name": "Artistic License 1.0 w/clause 8", - "licenseId": "Artistic-1.0-cl8", - "seeAlso": [ - "https://opensource.org/licenses/Artistic-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Artistic-1.0-Perl.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Artistic-1.0-Perl.json", - "referenceNumber": 549, - "name": "Artistic License 1.0 (Perl)", - "licenseId": "Artistic-1.0-Perl", - "seeAlso": [ - "http://dev.perl.org/licenses/artistic.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Artistic-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Artistic-2.0.json", - "referenceNumber": 26, - "name": "Artistic License 2.0", - "licenseId": "Artistic-2.0", - "seeAlso": [ - "http://www.perlfoundation.org/artistic_license_2_0", - "https://www.perlfoundation.org/artistic-license-20.html", - "https://opensource.org/licenses/artistic-license-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/ASWF-Digital-Assets-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ASWF-Digital-Assets-1.0.json", - "referenceNumber": 43, - "name": "ASWF Digital Assets License version 1.0", - "licenseId": "ASWF-Digital-Assets-1.0", - "seeAlso": [ - "https://github.com/AcademySoftwareFoundation/foundation/blob/main/digital_assets/aswf_digital_assets_license_v1.0.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Baekmuk.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Baekmuk.json", - "referenceNumber": 6, - "name": "Baekmuk License", - "licenseId": "Baekmuk", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:Baekmuk?rd\u003dLicensing/Baekmuk" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Bahyph.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Bahyph.json", - "referenceNumber": 103, - "name": "Bahyph License", - "licenseId": "Bahyph", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Bahyph" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Barr.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Barr.json", - "referenceNumber": 92, - "name": "Barr License", - "licenseId": "Barr", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Barr" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Beerware.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Beerware.json", - "referenceNumber": 129, - "name": "Beerware License", - "licenseId": "Beerware", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Beerware", - "https://people.freebsd.org/~phk/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Bitstream-Charter.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Bitstream-Charter.json", - "referenceNumber": 213, - "name": "Bitstream Charter Font License", - "licenseId": "Bitstream-Charter", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Charter#License_Text", - "https://raw.githubusercontent.com/blackhole89/notekit/master/data/fonts/Charter%20license.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Bitstream-Vera.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Bitstream-Vera.json", - "referenceNumber": 323, - "name": "Bitstream Vera Font License", - "licenseId": "Bitstream-Vera", - "seeAlso": [ - "https://web.archive.org/web/20080207013128/http://www.gnome.org/fonts/", - "https://docubrain.com/sites/default/files/licenses/bitstream-vera.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BitTorrent-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BitTorrent-1.0.json", - "referenceNumber": 133, - "name": "BitTorrent Open Source License v1.0", - "licenseId": "BitTorrent-1.0", - "seeAlso": [ - "http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/licenses/BitTorrent?r1\u003d1.1\u0026r2\u003d1.1.1.1\u0026diff_format\u003ds" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BitTorrent-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BitTorrent-1.1.json", - "referenceNumber": 86, - "name": "BitTorrent Open Source License v1.1", - "licenseId": "BitTorrent-1.1", - "seeAlso": [ - "http://directory.fsf.org/wiki/License:BitTorrentOSL1.1" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/blessing.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/blessing.json", - "referenceNumber": 413, - "name": "SQLite Blessing", - "licenseId": "blessing", - "seeAlso": [ - "https://www.sqlite.org/src/artifact/e33a4df7e32d742a?ln\u003d4-9", - "https://sqlite.org/src/artifact/df5091916dbb40e6" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BlueOak-1.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BlueOak-1.0.0.json", - "referenceNumber": 490, - "name": "Blue Oak Model License 1.0.0", - "licenseId": "BlueOak-1.0.0", - "seeAlso": [ - "https://blueoakcouncil.org/license/1.0.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Borceux.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Borceux.json", - "referenceNumber": 127, - "name": "Borceux license", - "licenseId": "Borceux", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Borceux" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Brian-Gladman-3-Clause.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Brian-Gladman-3-Clause.json", - "referenceNumber": 109, - "name": "Brian Gladman 3-Clause License", - "licenseId": "Brian-Gladman-3-Clause", - "seeAlso": [ - "https://github.com/SWI-Prolog/packages-clib/blob/master/sha1/brg_endian.h" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-1-Clause.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-1-Clause.json", - "referenceNumber": 93, - "name": "BSD 1-Clause License", - "licenseId": "BSD-1-Clause", - "seeAlso": [ - "https://svnweb.freebsd.org/base/head/include/ifaddrs.h?revision\u003d326823" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/BSD-2-Clause.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-2-Clause.json", - "referenceNumber": 124, - "name": "BSD 2-Clause \"Simplified\" License", - "licenseId": "BSD-2-Clause", - "seeAlso": [ - "https://opensource.org/licenses/BSD-2-Clause" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/BSD-2-Clause-FreeBSD.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/BSD-2-Clause-FreeBSD.json", - "referenceNumber": 214, - "name": "BSD 2-Clause FreeBSD License", - "licenseId": "BSD-2-Clause-FreeBSD", - "seeAlso": [ - "http://www.freebsd.org/copyright/freebsd-license.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/BSD-2-Clause-NetBSD.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/BSD-2-Clause-NetBSD.json", - "referenceNumber": 304, - "name": "BSD 2-Clause NetBSD License", - "licenseId": "BSD-2-Clause-NetBSD", - "seeAlso": [ - "http://www.netbsd.org/about/redistribution.html#default" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/BSD-2-Clause-Patent.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-2-Clause-Patent.json", - "referenceNumber": 10, - "name": "BSD-2-Clause Plus Patent License", - "licenseId": "BSD-2-Clause-Patent", - "seeAlso": [ - "https://opensource.org/licenses/BSDplusPatent" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/BSD-2-Clause-Views.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-2-Clause-Views.json", - "referenceNumber": 263, - "name": "BSD 2-Clause with views sentence", - "licenseId": "BSD-2-Clause-Views", - "seeAlso": [ - "http://www.freebsd.org/copyright/freebsd-license.html", - "https://people.freebsd.org/~ivoras/wine/patch-wine-nvidia.sh", - "https://github.com/protegeproject/protege/blob/master/license.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause.json", - "referenceNumber": 310, - "name": "BSD 3-Clause \"New\" or \"Revised\" License", - "licenseId": "BSD-3-Clause", - "seeAlso": [ - "https://opensource.org/licenses/BSD-3-Clause", - "https://www.eclipse.org/org/documents/edl-v10.php" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-Attribution.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-Attribution.json", - "referenceNumber": 284, - "name": "BSD with attribution", - "licenseId": "BSD-3-Clause-Attribution", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/BSD_with_Attribution" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-Clear.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-Clear.json", - "referenceNumber": 44, - "name": "BSD 3-Clause Clear License", - "licenseId": "BSD-3-Clause-Clear", - "seeAlso": [ - "http://labs.metacarta.com/license-explanation.html#license" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-LBNL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-LBNL.json", - "referenceNumber": 498, - "name": "Lawrence Berkeley National Labs BSD variant license", - "licenseId": "BSD-3-Clause-LBNL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/LBNLBSD" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-Modification.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-Modification.json", - "referenceNumber": 493, - "name": "BSD 3-Clause Modification", - "licenseId": "BSD-3-Clause-Modification", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:BSD#Modification_Variant" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-No-Military-License.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-No-Military-License.json", - "referenceNumber": 330, - "name": "BSD 3-Clause No Military License", - "licenseId": "BSD-3-Clause-No-Military-License", - "seeAlso": [ - "https://gitlab.syncad.com/hive/dhive/-/blob/master/LICENSE", - "https://github.com/greymass/swift-eosio/blob/master/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-No-Nuclear-License.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-No-Nuclear-License.json", - "referenceNumber": 239, - "name": "BSD 3-Clause No Nuclear License", - "licenseId": "BSD-3-Clause-No-Nuclear-License", - "seeAlso": [ - "http://download.oracle.com/otn-pub/java/licenses/bsd.txt?AuthParam\u003d1467140197_43d516ce1776bd08a58235a7785be1cc" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-No-Nuclear-License-2014.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-No-Nuclear-License-2014.json", - "referenceNumber": 430, - "name": "BSD 3-Clause No Nuclear License 2014", - "licenseId": "BSD-3-Clause-No-Nuclear-License-2014", - "seeAlso": [ - "https://java.net/projects/javaeetutorial/pages/BerkeleyLicense" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-No-Nuclear-Warranty.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-No-Nuclear-Warranty.json", - "referenceNumber": 382, - "name": "BSD 3-Clause No Nuclear Warranty", - "licenseId": "BSD-3-Clause-No-Nuclear-Warranty", - "seeAlso": [ - "https://jogamp.org/git/?p\u003dgluegen.git;a\u003dblob_plain;f\u003dLICENSE.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-3-Clause-Open-MPI.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-3-Clause-Open-MPI.json", - "referenceNumber": 447, - "name": "BSD 3-Clause Open MPI variant", - "licenseId": "BSD-3-Clause-Open-MPI", - "seeAlso": [ - "https://www.open-mpi.org/community/license.php", - "http://www.netlib.org/lapack/LICENSE.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-4-Clause.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-4-Clause.json", - "referenceNumber": 222, - "name": "BSD 4-Clause \"Original\" or \"Old\" License", - "licenseId": "BSD-4-Clause", - "seeAlso": [ - "http://directory.fsf.org/wiki/License:BSD_4Clause" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/BSD-4-Clause-Shortened.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-4-Clause-Shortened.json", - "referenceNumber": 1, - "name": "BSD 4 Clause Shortened", - "licenseId": "BSD-4-Clause-Shortened", - "seeAlso": [ - "https://metadata.ftp-master.debian.org/changelogs//main/a/arpwatch/arpwatch_2.1a15-7_copyright" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-4-Clause-UC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-4-Clause-UC.json", - "referenceNumber": 539, - "name": "BSD-4-Clause (University of California-Specific)", - "licenseId": "BSD-4-Clause-UC", - "seeAlso": [ - "http://www.freebsd.org/copyright/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-4.3RENO.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-4.3RENO.json", - "referenceNumber": 178, - "name": "BSD 4.3 RENO License", - "licenseId": "BSD-4.3RENO", - "seeAlso": [ - "https://sourceware.org/git/?p\u003dbinutils-gdb.git;a\u003dblob;f\u003dlibiberty/strcasecmp.c;h\u003d131d81c2ce7881fa48c363dc5bf5fb302c61ce0b;hb\u003dHEAD" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-4.3TAHOE.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-4.3TAHOE.json", - "referenceNumber": 209, - "name": "BSD 4.3 TAHOE License", - "licenseId": "BSD-4.3TAHOE", - "seeAlso": [ - "https://github.com/389ds/389-ds-base/blob/main/ldap/include/sysexits-compat.h#L15", - "https://git.savannah.gnu.org/cgit/indent.git/tree/doc/indent.texi?id\u003da74c6b4ee49397cf330b333da1042bffa60ed14f#n1788" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-Advertising-Acknowledgement.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-Advertising-Acknowledgement.json", - "referenceNumber": 484, - "name": "BSD Advertising Acknowledgement License", - "licenseId": "BSD-Advertising-Acknowledgement", - "seeAlso": [ - "https://github.com/python-excel/xlrd/blob/master/LICENSE#L33" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-Attribution-HPND-disclaimer.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-Attribution-HPND-disclaimer.json", - "referenceNumber": 348, - "name": "BSD with Attribution and HPND disclaimer", - "licenseId": "BSD-Attribution-HPND-disclaimer", - "seeAlso": [ - "https://github.com/cyrusimap/cyrus-sasl/blob/master/COPYING" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-Protection.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-Protection.json", - "referenceNumber": 207, - "name": "BSD Protection License", - "licenseId": "BSD-Protection", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/BSD_Protection_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSD-Source-Code.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSD-Source-Code.json", - "referenceNumber": 324, - "name": "BSD Source Code Attribution", - "licenseId": "BSD-Source-Code", - "seeAlso": [ - "https://github.com/robbiehanson/CocoaHTTPServer/blob/master/LICENSE.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/BSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BSL-1.0.json", - "referenceNumber": 450, - "name": "Boost Software License 1.0", - "licenseId": "BSL-1.0", - "seeAlso": [ - "http://www.boost.org/LICENSE_1_0.txt", - "https://opensource.org/licenses/BSL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/BUSL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/BUSL-1.1.json", - "referenceNumber": 229, - "name": "Business Source License 1.1", - "licenseId": "BUSL-1.1", - "seeAlso": [ - "https://mariadb.com/bsl11/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/bzip2-1.0.5.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/bzip2-1.0.5.json", - "referenceNumber": 0, - "name": "bzip2 and libbzip2 License v1.0.5", - "licenseId": "bzip2-1.0.5", - "seeAlso": [ - "https://sourceware.org/bzip2/1.0.5/bzip2-manual-1.0.5.html", - "http://bzip.org/1.0.5/bzip2-manual-1.0.5.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/bzip2-1.0.6.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/bzip2-1.0.6.json", - "referenceNumber": 164, - "name": "bzip2 and libbzip2 License v1.0.6", - "licenseId": "bzip2-1.0.6", - "seeAlso": [ - "https://sourceware.org/git/?p\u003dbzip2.git;a\u003dblob;f\u003dLICENSE;hb\u003dbzip2-1.0.6", - "http://bzip.org/1.0.5/bzip2-manual-1.0.5.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/C-UDA-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/C-UDA-1.0.json", - "referenceNumber": 543, - "name": "Computational Use of Data Agreement v1.0", - "licenseId": "C-UDA-1.0", - "seeAlso": [ - "https://github.com/microsoft/Computational-Use-of-Data-Agreement/blob/master/C-UDA-1.0.md", - "https://cdla.dev/computational-use-of-data-agreement-v1-0/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CAL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CAL-1.0.json", - "referenceNumber": 551, - "name": "Cryptographic Autonomy License 1.0", - "licenseId": "CAL-1.0", - "seeAlso": [ - "http://cryptographicautonomylicense.com/license-text.html", - "https://opensource.org/licenses/CAL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CAL-1.0-Combined-Work-Exception.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CAL-1.0-Combined-Work-Exception.json", - "referenceNumber": 149, - "name": "Cryptographic Autonomy License 1.0 (Combined Work Exception)", - "licenseId": "CAL-1.0-Combined-Work-Exception", - "seeAlso": [ - "http://cryptographicautonomylicense.com/license-text.html", - "https://opensource.org/licenses/CAL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Caldera.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Caldera.json", - "referenceNumber": 188, - "name": "Caldera License", - "licenseId": "Caldera", - "seeAlso": [ - "http://www.lemis.com/grog/UNIX/ancient-source-all.pdf" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CATOSL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CATOSL-1.1.json", - "referenceNumber": 148, - "name": "Computer Associates Trusted Open Source License 1.1", - "licenseId": "CATOSL-1.1", - "seeAlso": [ - "https://opensource.org/licenses/CATOSL-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CC-BY-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-1.0.json", - "referenceNumber": 166, - "name": "Creative Commons Attribution 1.0 Generic", - "licenseId": "CC-BY-1.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by/1.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-2.0.json", - "referenceNumber": 487, - "name": "Creative Commons Attribution 2.0 Generic", - "licenseId": "CC-BY-2.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by/2.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-2.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-2.5.json", - "referenceNumber": 473, - "name": "Creative Commons Attribution 2.5 Generic", - "licenseId": "CC-BY-2.5", - "seeAlso": [ - "https://creativecommons.org/licenses/by/2.5/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-2.5-AU.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-2.5-AU.json", - "referenceNumber": 384, - "name": "Creative Commons Attribution 2.5 Australia", - "licenseId": "CC-BY-2.5-AU", - "seeAlso": [ - "https://creativecommons.org/licenses/by/2.5/au/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-3.0.json", - "referenceNumber": 531, - "name": "Creative Commons Attribution 3.0 Unported", - "licenseId": "CC-BY-3.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by/3.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-3.0-AT.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-3.0-AT.json", - "referenceNumber": 88, - "name": "Creative Commons Attribution 3.0 Austria", - "licenseId": "CC-BY-3.0-AT", - "seeAlso": [ - "https://creativecommons.org/licenses/by/3.0/at/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-3.0-DE.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-3.0-DE.json", - "referenceNumber": 63, - "name": "Creative Commons Attribution 3.0 Germany", - "licenseId": "CC-BY-3.0-DE", - "seeAlso": [ - "https://creativecommons.org/licenses/by/3.0/de/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-3.0-IGO.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-3.0-IGO.json", - "referenceNumber": 65, - "name": "Creative Commons Attribution 3.0 IGO", - "licenseId": "CC-BY-3.0-IGO", - "seeAlso": [ - "https://creativecommons.org/licenses/by/3.0/igo/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-3.0-NL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-3.0-NL.json", - "referenceNumber": 541, - "name": "Creative Commons Attribution 3.0 Netherlands", - "licenseId": "CC-BY-3.0-NL", - "seeAlso": [ - "https://creativecommons.org/licenses/by/3.0/nl/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-3.0-US.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-3.0-US.json", - "referenceNumber": 357, - "name": "Creative Commons Attribution 3.0 United States", - "licenseId": "CC-BY-3.0-US", - "seeAlso": [ - "https://creativecommons.org/licenses/by/3.0/us/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-4.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-4.0.json", - "referenceNumber": 520, - "name": "Creative Commons Attribution 4.0 International", - "licenseId": "CC-BY-4.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by/4.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-1.0.json", - "referenceNumber": 400, - "name": "Creative Commons Attribution Non Commercial 1.0 Generic", - "licenseId": "CC-BY-NC-1.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc/1.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-2.0.json", - "referenceNumber": 141, - "name": "Creative Commons Attribution Non Commercial 2.0 Generic", - "licenseId": "CC-BY-NC-2.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc/2.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-2.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-2.5.json", - "referenceNumber": 132, - "name": "Creative Commons Attribution Non Commercial 2.5 Generic", - "licenseId": "CC-BY-NC-2.5", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc/2.5/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-3.0.json", - "referenceNumber": 30, - "name": "Creative Commons Attribution Non Commercial 3.0 Unported", - "licenseId": "CC-BY-NC-3.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc/3.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-3.0-DE.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-3.0-DE.json", - "referenceNumber": 35, - "name": "Creative Commons Attribution Non Commercial 3.0 Germany", - "licenseId": "CC-BY-NC-3.0-DE", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc/3.0/de/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-4.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-4.0.json", - "referenceNumber": 135, - "name": "Creative Commons Attribution Non Commercial 4.0 International", - "licenseId": "CC-BY-NC-4.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc/4.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-ND-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-ND-1.0.json", - "referenceNumber": 204, - "name": "Creative Commons Attribution Non Commercial No Derivatives 1.0 Generic", - "licenseId": "CC-BY-NC-ND-1.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nd-nc/1.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-ND-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-ND-2.0.json", - "referenceNumber": 496, - "name": "Creative Commons Attribution Non Commercial No Derivatives 2.0 Generic", - "licenseId": "CC-BY-NC-ND-2.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-nd/2.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-ND-2.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-ND-2.5.json", - "referenceNumber": 34, - "name": "Creative Commons Attribution Non Commercial No Derivatives 2.5 Generic", - "licenseId": "CC-BY-NC-ND-2.5", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-nd/2.5/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-ND-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-ND-3.0.json", - "referenceNumber": 46, - "name": "Creative Commons Attribution Non Commercial No Derivatives 3.0 Unported", - "licenseId": "CC-BY-NC-ND-3.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-nd/3.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-ND-3.0-DE.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-ND-3.0-DE.json", - "referenceNumber": 2, - "name": "Creative Commons Attribution Non Commercial No Derivatives 3.0 Germany", - "licenseId": "CC-BY-NC-ND-3.0-DE", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-nd/3.0/de/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-ND-3.0-IGO.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-ND-3.0-IGO.json", - "referenceNumber": 40, - "name": "Creative Commons Attribution Non Commercial No Derivatives 3.0 IGO", - "licenseId": "CC-BY-NC-ND-3.0-IGO", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-nd/3.0/igo/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-ND-4.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-ND-4.0.json", - "referenceNumber": 272, - "name": "Creative Commons Attribution Non Commercial No Derivatives 4.0 International", - "licenseId": "CC-BY-NC-ND-4.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-1.0.json", - "referenceNumber": 476, - "name": "Creative Commons Attribution Non Commercial Share Alike 1.0 Generic", - "licenseId": "CC-BY-NC-SA-1.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/1.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-2.0.json", - "referenceNumber": 431, - "name": "Creative Commons Attribution Non Commercial Share Alike 2.0 Generic", - "licenseId": "CC-BY-NC-SA-2.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/2.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-2.0-DE.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-2.0-DE.json", - "referenceNumber": 371, - "name": "Creative Commons Attribution Non Commercial Share Alike 2.0 Germany", - "licenseId": "CC-BY-NC-SA-2.0-DE", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/2.0/de/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-2.0-FR.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-2.0-FR.json", - "referenceNumber": 73, - "name": "Creative Commons Attribution-NonCommercial-ShareAlike 2.0 France", - "licenseId": "CC-BY-NC-SA-2.0-FR", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/2.0/fr/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-2.0-UK.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-2.0-UK.json", - "referenceNumber": 102, - "name": "Creative Commons Attribution Non Commercial Share Alike 2.0 England and Wales", - "licenseId": "CC-BY-NC-SA-2.0-UK", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/2.0/uk/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-2.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-2.5.json", - "referenceNumber": 517, - "name": "Creative Commons Attribution Non Commercial Share Alike 2.5 Generic", - "licenseId": "CC-BY-NC-SA-2.5", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/2.5/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-3.0.json", - "referenceNumber": 152, - "name": "Creative Commons Attribution Non Commercial Share Alike 3.0 Unported", - "licenseId": "CC-BY-NC-SA-3.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/3.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-3.0-DE.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-3.0-DE.json", - "referenceNumber": 105, - "name": "Creative Commons Attribution Non Commercial Share Alike 3.0 Germany", - "licenseId": "CC-BY-NC-SA-3.0-DE", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-3.0-IGO.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-3.0-IGO.json", - "referenceNumber": 113, - "name": "Creative Commons Attribution Non Commercial Share Alike 3.0 IGO", - "licenseId": "CC-BY-NC-SA-3.0-IGO", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/3.0/igo/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-NC-SA-4.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-NC-SA-4.0.json", - "referenceNumber": 77, - "name": "Creative Commons Attribution Non Commercial Share Alike 4.0 International", - "licenseId": "CC-BY-NC-SA-4.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nc-sa/4.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-ND-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-ND-1.0.json", - "referenceNumber": 72, - "name": "Creative Commons Attribution No Derivatives 1.0 Generic", - "licenseId": "CC-BY-ND-1.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nd/1.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-ND-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-ND-2.0.json", - "referenceNumber": 193, - "name": "Creative Commons Attribution No Derivatives 2.0 Generic", - "licenseId": "CC-BY-ND-2.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nd/2.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-ND-2.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-ND-2.5.json", - "referenceNumber": 342, - "name": "Creative Commons Attribution No Derivatives 2.5 Generic", - "licenseId": "CC-BY-ND-2.5", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nd/2.5/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-ND-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-ND-3.0.json", - "referenceNumber": 414, - "name": "Creative Commons Attribution No Derivatives 3.0 Unported", - "licenseId": "CC-BY-ND-3.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nd/3.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-ND-3.0-DE.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-ND-3.0-DE.json", - "referenceNumber": 439, - "name": "Creative Commons Attribution No Derivatives 3.0 Germany", - "licenseId": "CC-BY-ND-3.0-DE", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nd/3.0/de/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-ND-4.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-ND-4.0.json", - "referenceNumber": 128, - "name": "Creative Commons Attribution No Derivatives 4.0 International", - "licenseId": "CC-BY-ND-4.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-nd/4.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-1.0.json", - "referenceNumber": 27, - "name": "Creative Commons Attribution Share Alike 1.0 Generic", - "licenseId": "CC-BY-SA-1.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/1.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-2.0.json", - "referenceNumber": 290, - "name": "Creative Commons Attribution Share Alike 2.0 Generic", - "licenseId": "CC-BY-SA-2.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/2.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-2.0-UK.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-2.0-UK.json", - "referenceNumber": 3, - "name": "Creative Commons Attribution Share Alike 2.0 England and Wales", - "licenseId": "CC-BY-SA-2.0-UK", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/2.0/uk/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-2.1-JP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-2.1-JP.json", - "referenceNumber": 363, - "name": "Creative Commons Attribution Share Alike 2.1 Japan", - "licenseId": "CC-BY-SA-2.1-JP", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/2.1/jp/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-2.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-2.5.json", - "referenceNumber": 159, - "name": "Creative Commons Attribution Share Alike 2.5 Generic", - "licenseId": "CC-BY-SA-2.5", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/2.5/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-3.0.json", - "referenceNumber": 355, - "name": "Creative Commons Attribution Share Alike 3.0 Unported", - "licenseId": "CC-BY-SA-3.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/3.0/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-3.0-AT.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-3.0-AT.json", - "referenceNumber": 425, - "name": "Creative Commons Attribution Share Alike 3.0 Austria", - "licenseId": "CC-BY-SA-3.0-AT", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/3.0/at/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-3.0-DE.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-3.0-DE.json", - "referenceNumber": 410, - "name": "Creative Commons Attribution Share Alike 3.0 Germany", - "licenseId": "CC-BY-SA-3.0-DE", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/3.0/de/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-3.0-IGO.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-3.0-IGO.json", - "referenceNumber": 5, - "name": "Creative Commons Attribution-ShareAlike 3.0 IGO", - "licenseId": "CC-BY-SA-3.0-IGO", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/3.0/igo/legalcode" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC-BY-SA-4.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-BY-SA-4.0.json", - "referenceNumber": 81, - "name": "Creative Commons Attribution Share Alike 4.0 International", - "licenseId": "CC-BY-SA-4.0", - "seeAlso": [ - "https://creativecommons.org/licenses/by-sa/4.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CC-PDDC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC-PDDC.json", - "referenceNumber": 176, - "name": "Creative Commons Public Domain Dedication and Certification", - "licenseId": "CC-PDDC", - "seeAlso": [ - "https://creativecommons.org/licenses/publicdomain/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CC0-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CC0-1.0.json", - "referenceNumber": 516, - "name": "Creative Commons Zero v1.0 Universal", - "licenseId": "CC0-1.0", - "seeAlso": [ - "https://creativecommons.org/publicdomain/zero/1.0/legalcode" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CDDL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CDDL-1.0.json", - "referenceNumber": 218, - "name": "Common Development and Distribution License 1.0", - "licenseId": "CDDL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/cddl1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CDDL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CDDL-1.1.json", - "referenceNumber": 163, - "name": "Common Development and Distribution License 1.1", - "licenseId": "CDDL-1.1", - "seeAlso": [ - "http://glassfish.java.net/public/CDDL+GPL_1_1.html", - "https://javaee.github.io/glassfish/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CDL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CDL-1.0.json", - "referenceNumber": 202, - "name": "Common Documentation License 1.0", - "licenseId": "CDL-1.0", - "seeAlso": [ - "http://www.opensource.apple.com/cdl/", - "https://fedoraproject.org/wiki/Licensing/Common_Documentation_License", - "https://www.gnu.org/licenses/license-list.html#ACDL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CDLA-Permissive-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CDLA-Permissive-1.0.json", - "referenceNumber": 462, - "name": "Community Data License Agreement Permissive 1.0", - "licenseId": "CDLA-Permissive-1.0", - "seeAlso": [ - "https://cdla.io/permissive-1-0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CDLA-Permissive-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CDLA-Permissive-2.0.json", - "referenceNumber": 504, - "name": "Community Data License Agreement Permissive 2.0", - "licenseId": "CDLA-Permissive-2.0", - "seeAlso": [ - "https://cdla.dev/permissive-2-0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CDLA-Sharing-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CDLA-Sharing-1.0.json", - "referenceNumber": 169, - "name": "Community Data License Agreement Sharing 1.0", - "licenseId": "CDLA-Sharing-1.0", - "seeAlso": [ - "https://cdla.io/sharing-1-0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CECILL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-1.0.json", - "referenceNumber": 136, - "name": "CeCILL Free Software License Agreement v1.0", - "licenseId": "CECILL-1.0", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL_V1-fr.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CECILL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-1.1.json", - "referenceNumber": 358, - "name": "CeCILL Free Software License Agreement v1.1", - "licenseId": "CECILL-1.1", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL_V1.1-US.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CECILL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-2.0.json", - "referenceNumber": 75, - "name": "CeCILL Free Software License Agreement v2.0", - "licenseId": "CECILL-2.0", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL_V2-en.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CECILL-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-2.1.json", - "referenceNumber": 245, - "name": "CeCILL Free Software License Agreement v2.1", - "licenseId": "CECILL-2.1", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL_V2.1-en.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CECILL-B.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-B.json", - "referenceNumber": 98, - "name": "CeCILL-B Free Software License Agreement", - "licenseId": "CECILL-B", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CECILL-C.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CECILL-C.json", - "referenceNumber": 223, - "name": "CeCILL-C Free Software License Agreement", - "licenseId": "CECILL-C", - "seeAlso": [ - "http://www.cecill.info/licences/Licence_CeCILL-C_V1-en.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-1.1.json", - "referenceNumber": 24, - "name": "CERN Open Hardware Licence v1.1", - "licenseId": "CERN-OHL-1.1", - "seeAlso": [ - "https://www.ohwr.org/project/licenses/wikis/cern-ohl-v1.1" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-1.2.json", - "referenceNumber": 500, - "name": "CERN Open Hardware Licence v1.2", - "licenseId": "CERN-OHL-1.2", - "seeAlso": [ - "https://www.ohwr.org/project/licenses/wikis/cern-ohl-v1.2" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-P-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-P-2.0.json", - "referenceNumber": 206, - "name": "CERN Open Hardware Licence Version 2 - Permissive", - "licenseId": "CERN-OHL-P-2.0", - "seeAlso": [ - "https://www.ohwr.org/project/cernohl/wikis/Documents/CERN-OHL-version-2" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-S-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-S-2.0.json", - "referenceNumber": 367, - "name": "CERN Open Hardware Licence Version 2 - Strongly Reciprocal", - "licenseId": "CERN-OHL-S-2.0", - "seeAlso": [ - "https://www.ohwr.org/project/cernohl/wikis/Documents/CERN-OHL-version-2" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CERN-OHL-W-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CERN-OHL-W-2.0.json", - "referenceNumber": 226, - "name": "CERN Open Hardware Licence Version 2 - Weakly Reciprocal", - "licenseId": "CERN-OHL-W-2.0", - "seeAlso": [ - "https://www.ohwr.org/project/cernohl/wikis/Documents/CERN-OHL-version-2" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CFITSIO.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CFITSIO.json", - "referenceNumber": 418, - "name": "CFITSIO License", - "licenseId": "CFITSIO", - "seeAlso": [ - "https://heasarc.gsfc.nasa.gov/docs/software/fitsio/c/f_user/node9.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/checkmk.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/checkmk.json", - "referenceNumber": 167, - "name": "Checkmk License", - "licenseId": "checkmk", - "seeAlso": [ - "https://github.com/libcheck/check/blob/master/checkmk/checkmk.in" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ClArtistic.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ClArtistic.json", - "referenceNumber": 466, - "name": "Clarified Artistic License", - "licenseId": "ClArtistic", - "seeAlso": [ - "http://gianluca.dellavedova.org/2011/01/03/clarified-artistic-license/", - "http://www.ncftp.com/ncftp/doc/LICENSE.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Clips.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Clips.json", - "referenceNumber": 258, - "name": "Clips License", - "licenseId": "Clips", - "seeAlso": [ - "https://github.com/DrItanium/maya/blob/master/LICENSE.CLIPS" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CMU-Mach.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CMU-Mach.json", - "referenceNumber": 385, - "name": "CMU Mach License", - "licenseId": "CMU-Mach", - "seeAlso": [ - "https://www.cs.cmu.edu/~410/licenses.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CNRI-Jython.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CNRI-Jython.json", - "referenceNumber": 485, - "name": "CNRI Jython License", - "licenseId": "CNRI-Jython", - "seeAlso": [ - "http://www.jython.org/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CNRI-Python.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CNRI-Python.json", - "referenceNumber": 251, - "name": "CNRI Python License", - "licenseId": "CNRI-Python", - "seeAlso": [ - "https://opensource.org/licenses/CNRI-Python" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/CNRI-Python-GPL-Compatible.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CNRI-Python-GPL-Compatible.json", - "referenceNumber": 237, - "name": "CNRI Python Open Source GPL Compatible License Agreement", - "licenseId": "CNRI-Python-GPL-Compatible", - "seeAlso": [ - "http://www.python.org/download/releases/1.6.1/download_win/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/COIL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/COIL-1.0.json", - "referenceNumber": 307, - "name": "Copyfree Open Innovation License", - "licenseId": "COIL-1.0", - "seeAlso": [ - "https://coil.apotheon.org/plaintext/01.0.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Community-Spec-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Community-Spec-1.0.json", - "referenceNumber": 192, - "name": "Community Specification License 1.0", - "licenseId": "Community-Spec-1.0", - "seeAlso": [ - "https://github.com/CommunitySpecification/1.0/blob/master/1._Community_Specification_License-v1.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Condor-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Condor-1.1.json", - "referenceNumber": 116, - "name": "Condor Public License v1.1", - "licenseId": "Condor-1.1", - "seeAlso": [ - "http://research.cs.wisc.edu/condor/license.html#condor", - "http://web.archive.org/web/20111123062036/http://research.cs.wisc.edu/condor/license.html#condor" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/copyleft-next-0.3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/copyleft-next-0.3.0.json", - "referenceNumber": 483, - "name": "copyleft-next 0.3.0", - "licenseId": "copyleft-next-0.3.0", - "seeAlso": [ - "https://github.com/copyleft-next/copyleft-next/blob/master/Releases/copyleft-next-0.3.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/copyleft-next-0.3.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/copyleft-next-0.3.1.json", - "referenceNumber": 150, - "name": "copyleft-next 0.3.1", - "licenseId": "copyleft-next-0.3.1", - "seeAlso": [ - "https://github.com/copyleft-next/copyleft-next/blob/master/Releases/copyleft-next-0.3.1" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Cornell-Lossless-JPEG.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Cornell-Lossless-JPEG.json", - "referenceNumber": 147, - "name": "Cornell Lossless JPEG License", - "licenseId": "Cornell-Lossless-JPEG", - "seeAlso": [ - "https://android.googlesource.com/platform/external/dng_sdk/+/refs/heads/master/source/dng_lossless_jpeg.cpp#16", - "https://www.mssl.ucl.ac.uk/~mcrw/src/20050920/proto.h", - "https://gitlab.freedesktop.org/libopenraw/libopenraw/blob/master/lib/ljpegdecompressor.cpp#L32" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CPAL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CPAL-1.0.json", - "referenceNumber": 238, - "name": "Common Public Attribution License 1.0", - "licenseId": "CPAL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/CPAL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CPL-1.0.json", - "referenceNumber": 442, - "name": "Common Public License 1.0", - "licenseId": "CPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/CPL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/CPOL-1.02.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CPOL-1.02.json", - "referenceNumber": 168, - "name": "Code Project Open License 1.02", - "licenseId": "CPOL-1.02", - "seeAlso": [ - "http://www.codeproject.com/info/cpol10.aspx" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/Crossword.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Crossword.json", - "referenceNumber": 393, - "name": "Crossword License", - "licenseId": "Crossword", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Crossword" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/cryptsetup-OpenSSL-exception.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/cryptsetup-OpenSSL-exception.json", - "referenceNumber": 542, - "name": "cryptsetup OpenSSL exception", - "licenseId": "cryptsetup-OpenSSL-exception", - "seeAlso": [ - "https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/COPYING", - "https://gitlab.nic.cz/datovka/datovka/-/blob/develop/COPYING", - "https://github.com/nbs-system/naxsi/blob/951123ad456bdf5ac94e8d8819342fe3d49bc002/naxsi_src/naxsi_raw.c", - "http://web.mit.edu/jgross/arch/amd64_deb60/bin/mosh" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CrystalStacker.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CrystalStacker.json", - "referenceNumber": 383, - "name": "CrystalStacker License", - "licenseId": "CrystalStacker", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:CrystalStacker?rd\u003dLicensing/CrystalStacker" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/CUA-OPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/CUA-OPL-1.0.json", - "referenceNumber": 90, - "name": "CUA Office Public License v1.0", - "licenseId": "CUA-OPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/CUA-OPL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Cube.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Cube.json", - "referenceNumber": 157, - "name": "Cube License", - "licenseId": "Cube", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Cube" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/curl.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/curl.json", - "referenceNumber": 434, - "name": "curl License", - "licenseId": "curl", - "seeAlso": [ - "https://github.com/bagder/curl/blob/master/COPYING" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/D-FSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/D-FSL-1.0.json", - "referenceNumber": 121, - "name": "Deutsche Freie Software Lizenz", - "licenseId": "D-FSL-1.0", - "seeAlso": [ - "http://www.dipp.nrw.de/d-fsl/lizenzen/", - "http://www.dipp.nrw.de/d-fsl/index_html/lizenzen/de/D-FSL-1_0_de.txt", - "http://www.dipp.nrw.de/d-fsl/index_html/lizenzen/en/D-FSL-1_0_en.txt", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl/deutsche-freie-software-lizenz", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl/german-free-software-license", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl/D-FSL-1_0_de.txt/at_download/file", - "https://www.hbz-nrw.de/produkte/open-access/lizenzen/dfsl/D-FSL-1_0_en.txt/at_download/file" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/diffmark.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/diffmark.json", - "referenceNumber": 369, - "name": "diffmark license", - "licenseId": "diffmark", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/diffmark" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/DL-DE-BY-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/DL-DE-BY-2.0.json", - "referenceNumber": 84, - "name": "Data licence Germany – attribution – version 2.0", - "licenseId": "DL-DE-BY-2.0", - "seeAlso": [ - "https://www.govdata.de/dl-de/by-2-0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/DOC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/DOC.json", - "referenceNumber": 243, - "name": "DOC License", - "licenseId": "DOC", - "seeAlso": [ - "http://www.cs.wustl.edu/~schmidt/ACE-copying.html", - "https://www.dre.vanderbilt.edu/~schmidt/ACE-copying.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Dotseqn.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Dotseqn.json", - "referenceNumber": 361, - "name": "Dotseqn License", - "licenseId": "Dotseqn", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Dotseqn" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/DRL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/DRL-1.0.json", - "referenceNumber": 87, - "name": "Detection Rule License 1.0", - "licenseId": "DRL-1.0", - "seeAlso": [ - "https://github.com/Neo23x0/sigma/blob/master/LICENSE.Detection.Rules.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/DSDP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/DSDP.json", - "referenceNumber": 203, - "name": "DSDP License", - "licenseId": "DSDP", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/DSDP" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/dvipdfm.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/dvipdfm.json", - "referenceNumber": 22, - "name": "dvipdfm License", - "licenseId": "dvipdfm", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/dvipdfm" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ECL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ECL-1.0.json", - "referenceNumber": 246, - "name": "Educational Community License v1.0", - "licenseId": "ECL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/ECL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/ECL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ECL-2.0.json", - "referenceNumber": 181, - "name": "Educational Community License v2.0", - "licenseId": "ECL-2.0", - "seeAlso": [ - "https://opensource.org/licenses/ECL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/eCos-2.0.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/eCos-2.0.json", - "referenceNumber": 8, - "name": "eCos license version 2.0", - "licenseId": "eCos-2.0", - "seeAlso": [ - "https://www.gnu.org/licenses/ecos-license.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/EFL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EFL-1.0.json", - "referenceNumber": 295, - "name": "Eiffel Forum License v1.0", - "licenseId": "EFL-1.0", - "seeAlso": [ - "http://www.eiffel-nice.org/license/forum.txt", - "https://opensource.org/licenses/EFL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/EFL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EFL-2.0.json", - "referenceNumber": 247, - "name": "Eiffel Forum License v2.0", - "licenseId": "EFL-2.0", - "seeAlso": [ - "http://www.eiffel-nice.org/license/eiffel-forum-license-2.html", - "https://opensource.org/licenses/EFL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/eGenix.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/eGenix.json", - "referenceNumber": 250, - "name": "eGenix.com Public License 1.1.0", - "licenseId": "eGenix", - "seeAlso": [ - "http://www.egenix.com/products/eGenix.com-Public-License-1.1.0.pdf", - "https://fedoraproject.org/wiki/Licensing/eGenix.com_Public_License_1.1.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Elastic-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Elastic-2.0.json", - "referenceNumber": 469, - "name": "Elastic License 2.0", - "licenseId": "Elastic-2.0", - "seeAlso": [ - "https://www.elastic.co/licensing/elastic-license", - "https://github.com/elastic/elasticsearch/blob/master/licenses/ELASTIC-LICENSE-2.0.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Entessa.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Entessa.json", - "referenceNumber": 190, - "name": "Entessa Public License v1.0", - "licenseId": "Entessa", - "seeAlso": [ - "https://opensource.org/licenses/Entessa" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/EPICS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EPICS.json", - "referenceNumber": 429, - "name": "EPICS Open License", - "licenseId": "EPICS", - "seeAlso": [ - "https://epics.anl.gov/license/open.php" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/EPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EPL-1.0.json", - "referenceNumber": 345, - "name": "Eclipse Public License 1.0", - "licenseId": "EPL-1.0", - "seeAlso": [ - "http://www.eclipse.org/legal/epl-v10.html", - "https://opensource.org/licenses/EPL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/EPL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EPL-2.0.json", - "referenceNumber": 59, - "name": "Eclipse Public License 2.0", - "licenseId": "EPL-2.0", - "seeAlso": [ - "https://www.eclipse.org/legal/epl-2.0", - "https://www.opensource.org/licenses/EPL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/ErlPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ErlPL-1.1.json", - "referenceNumber": 317, - "name": "Erlang Public License v1.1", - "licenseId": "ErlPL-1.1", - "seeAlso": [ - "http://www.erlang.org/EPLICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/etalab-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/etalab-2.0.json", - "referenceNumber": 186, - "name": "Etalab Open License 2.0", - "licenseId": "etalab-2.0", - "seeAlso": [ - "https://github.com/DISIC/politique-de-contribution-open-source/blob/master/LICENSE.pdf", - "https://raw.githubusercontent.com/DISIC/politique-de-contribution-open-source/master/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/EUDatagrid.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EUDatagrid.json", - "referenceNumber": 366, - "name": "EU DataGrid Software License", - "licenseId": "EUDatagrid", - "seeAlso": [ - "http://eu-datagrid.web.cern.ch/eu-datagrid/license.html", - "https://opensource.org/licenses/EUDatagrid" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/EUPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EUPL-1.0.json", - "referenceNumber": 465, - "name": "European Union Public License 1.0", - "licenseId": "EUPL-1.0", - "seeAlso": [ - "http://ec.europa.eu/idabc/en/document/7330.html", - "http://ec.europa.eu/idabc/servlets/Doc027f.pdf?id\u003d31096" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/EUPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EUPL-1.1.json", - "referenceNumber": 503, - "name": "European Union Public License 1.1", - "licenseId": "EUPL-1.1", - "seeAlso": [ - "https://joinup.ec.europa.eu/software/page/eupl/licence-eupl", - "https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/eupl1.1.-licence-en_0.pdf", - "https://opensource.org/licenses/EUPL-1.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/EUPL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/EUPL-1.2.json", - "referenceNumber": 399, - "name": "European Union Public License 1.2", - "licenseId": "EUPL-1.2", - "seeAlso": [ - "https://joinup.ec.europa.eu/page/eupl-text-11-12", - "https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/eupl_v1.2_en.pdf", - "https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/2020-03/EUPL-1.2%20EN.txt", - "https://joinup.ec.europa.eu/sites/default/files/inline-files/EUPL%20v1_2%20EN(1).txt", - "http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri\u003dCELEX:32017D0863", - "https://opensource.org/licenses/EUPL-1.2" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Eurosym.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Eurosym.json", - "referenceNumber": 336, - "name": "Eurosym License", - "licenseId": "Eurosym", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Eurosym" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Fair.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Fair.json", - "referenceNumber": 33, - "name": "Fair License", - "licenseId": "Fair", - "seeAlso": [ - "http://fairlicense.org/", - "https://opensource.org/licenses/Fair" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/FDK-AAC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FDK-AAC.json", - "referenceNumber": 347, - "name": "Fraunhofer FDK AAC Codec Library", - "licenseId": "FDK-AAC", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/FDK-AAC", - "https://directory.fsf.org/wiki/License:Fdk" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Frameworx-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Frameworx-1.0.json", - "referenceNumber": 125, - "name": "Frameworx Open License 1.0", - "licenseId": "Frameworx-1.0", - "seeAlso": [ - "https://opensource.org/licenses/Frameworx-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/FreeBSD-DOC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FreeBSD-DOC.json", - "referenceNumber": 416, - "name": "FreeBSD Documentation License", - "licenseId": "FreeBSD-DOC", - "seeAlso": [ - "https://www.freebsd.org/copyright/freebsd-doc-license/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/FreeImage.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FreeImage.json", - "referenceNumber": 219, - "name": "FreeImage Public License v1.0", - "licenseId": "FreeImage", - "seeAlso": [ - "http://freeimage.sourceforge.net/freeimage-license.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/FSFAP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FSFAP.json", - "referenceNumber": 146, - "name": "FSF All Permissive License", - "licenseId": "FSFAP", - "seeAlso": [ - "https://www.gnu.org/prep/maintain/html_node/License-Notices-for-Other-Files.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/FSFUL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FSFUL.json", - "referenceNumber": 270, - "name": "FSF Unlimited License", - "licenseId": "FSFUL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/FSF_Unlimited_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/FSFULLR.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FSFULLR.json", - "referenceNumber": 524, - "name": "FSF Unlimited License (with License Retention)", - "licenseId": "FSFULLR", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/FSF_Unlimited_License#License_Retention_Variant" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/FSFULLRWD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FSFULLRWD.json", - "referenceNumber": 54, - "name": "FSF Unlimited License (With License Retention and Warranty Disclaimer)", - "licenseId": "FSFULLRWD", - "seeAlso": [ - "https://lists.gnu.org/archive/html/autoconf/2012-04/msg00061.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/FTL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/FTL.json", - "referenceNumber": 395, - "name": "Freetype Project License", - "licenseId": "FTL", - "seeAlso": [ - "http://freetype.fis.uniroma2.it/FTL.TXT", - "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/docs/FTL.TXT", - "http://gitlab.freedesktop.org/freetype/freetype/-/raw/master/docs/FTL.TXT" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GD.json", - "referenceNumber": 521, - "name": "GD License", - "licenseId": "GD", - "seeAlso": [ - "https://libgd.github.io/manuals/2.3.0/files/license-txt.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.1.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.1.json", - "referenceNumber": 145, - "name": "GNU Free Documentation License v1.1", - "licenseId": "GFDL-1.1", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.1-invariants-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.1-invariants-only.json", - "referenceNumber": 491, - "name": "GNU Free Documentation License v1.1 only - invariants", - "licenseId": "GFDL-1.1-invariants-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.1-invariants-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.1-invariants-or-later.json", - "referenceNumber": 360, - "name": "GNU Free Documentation License v1.1 or later - invariants", - "licenseId": "GFDL-1.1-invariants-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.1-no-invariants-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.1-no-invariants-only.json", - "referenceNumber": 21, - "name": "GNU Free Documentation License v1.1 only - no invariants", - "licenseId": "GFDL-1.1-no-invariants-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.1-no-invariants-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.1-no-invariants-or-later.json", - "referenceNumber": 297, - "name": "GNU Free Documentation License v1.1 or later - no invariants", - "licenseId": "GFDL-1.1-no-invariants-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.1-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.1-only.json", - "referenceNumber": 123, - "name": "GNU Free Documentation License v1.1 only", - "licenseId": "GFDL-1.1-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.1-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.1-or-later.json", - "referenceNumber": 57, - "name": "GNU Free Documentation License v1.1 or later", - "licenseId": "GFDL-1.1-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.2.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.2.json", - "referenceNumber": 299, - "name": "GNU Free Documentation License v1.2", - "licenseId": "GFDL-1.2", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.2-invariants-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.2-invariants-only.json", - "referenceNumber": 296, - "name": "GNU Free Documentation License v1.2 only - invariants", - "licenseId": "GFDL-1.2-invariants-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.2-invariants-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.2-invariants-or-later.json", - "referenceNumber": 78, - "name": "GNU Free Documentation License v1.2 or later - invariants", - "licenseId": "GFDL-1.2-invariants-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.2-no-invariants-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.2-no-invariants-only.json", - "referenceNumber": 95, - "name": "GNU Free Documentation License v1.2 only - no invariants", - "licenseId": "GFDL-1.2-no-invariants-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.2-no-invariants-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.2-no-invariants-or-later.json", - "referenceNumber": 339, - "name": "GNU Free Documentation License v1.2 or later - no invariants", - "licenseId": "GFDL-1.2-no-invariants-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.2-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.2-only.json", - "referenceNumber": 189, - "name": "GNU Free Documentation License v1.2 only", - "licenseId": "GFDL-1.2-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.2-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.2-or-later.json", - "referenceNumber": 322, - "name": "GNU Free Documentation License v1.2 or later", - "licenseId": "GFDL-1.2-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.3.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.3.json", - "referenceNumber": 97, - "name": "GNU Free Documentation License v1.3", - "licenseId": "GFDL-1.3", - "seeAlso": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.3-invariants-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.3-invariants-only.json", - "referenceNumber": 13, - "name": "GNU Free Documentation License v1.3 only - invariants", - "licenseId": "GFDL-1.3-invariants-only", - "seeAlso": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.3-invariants-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.3-invariants-or-later.json", - "referenceNumber": 11, - "name": "GNU Free Documentation License v1.3 or later - invariants", - "licenseId": "GFDL-1.3-invariants-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.3-no-invariants-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.3-no-invariants-only.json", - "referenceNumber": 20, - "name": "GNU Free Documentation License v1.3 only - no invariants", - "licenseId": "GFDL-1.3-no-invariants-only", - "seeAlso": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.3-no-invariants-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.3-no-invariants-or-later.json", - "referenceNumber": 180, - "name": "GNU Free Documentation License v1.3 or later - no invariants", - "licenseId": "GFDL-1.3-no-invariants-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.3-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.3-only.json", - "referenceNumber": 144, - "name": "GNU Free Documentation License v1.3 only", - "licenseId": "GFDL-1.3-only", - "seeAlso": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GFDL-1.3-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GFDL-1.3-or-later.json", - "referenceNumber": 527, - "name": "GNU Free Documentation License v1.3 or later", - "licenseId": "GFDL-1.3-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Giftware.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Giftware.json", - "referenceNumber": 511, - "name": "Giftware License", - "licenseId": "Giftware", - "seeAlso": [ - "http://liballeg.org/license.html#allegro-4-the-giftware-license" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GL2PS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GL2PS.json", - "referenceNumber": 212, - "name": "GL2PS License", - "licenseId": "GL2PS", - "seeAlso": [ - "http://www.geuz.org/gl2ps/COPYING.GL2PS" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Glide.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Glide.json", - "referenceNumber": 217, - "name": "3dfx Glide License", - "licenseId": "Glide", - "seeAlso": [ - "http://www.users.on.net/~triforce/glidexp/COPYING.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Glulxe.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Glulxe.json", - "referenceNumber": 537, - "name": "Glulxe License", - "licenseId": "Glulxe", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Glulxe" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GLWTPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GLWTPL.json", - "referenceNumber": 119, - "name": "Good Luck With That Public License", - "licenseId": "GLWTPL", - "seeAlso": [ - "https://github.com/me-shaon/GLWTPL/commit/da5f6bc734095efbacb442c0b31e33a65b9d6e85" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/gnuplot.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/gnuplot.json", - "referenceNumber": 482, - "name": "gnuplot License", - "licenseId": "gnuplot", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Gnuplot" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-1.0.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-1.0.json", - "referenceNumber": 165, - "name": "GNU General Public License v1.0 only", - "licenseId": "GPL-1.0", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-1.0-standalone.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-1.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-1.0+.json", - "referenceNumber": 288, - "name": "GNU General Public License v1.0 or later", - "licenseId": "GPL-1.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-1.0-standalone.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-1.0-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GPL-1.0-only.json", - "referenceNumber": 523, - "name": "GNU General Public License v1.0 only", - "licenseId": "GPL-1.0-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-1.0-standalone.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-1.0-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GPL-1.0-or-later.json", - "referenceNumber": 286, - "name": "GNU General Public License v1.0 or later", - "licenseId": "GPL-1.0-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-1.0-standalone.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0.json", - "referenceNumber": 306, - "name": "GNU General Public License v2.0 only", - "licenseId": "GPL-2.0", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "https://opensource.org/licenses/GPL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0+.json", - "referenceNumber": 16, - "name": "GNU General Public License v2.0 or later", - "licenseId": "GPL-2.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "https://opensource.org/licenses/GPL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-only.json", - "referenceNumber": 276, - "name": "GNU General Public License v2.0 only", - "licenseId": "GPL-2.0-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "https://opensource.org/licenses/GPL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-or-later.json", - "referenceNumber": 391, - "name": "GNU General Public License v2.0 or later", - "licenseId": "GPL-2.0-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "https://opensource.org/licenses/GPL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-autoconf-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-autoconf-exception.json", - "referenceNumber": 235, - "name": "GNU General Public License v2.0 w/Autoconf exception", - "licenseId": "GPL-2.0-with-autoconf-exception", - "seeAlso": [ - "http://ac-archive.sourceforge.net/doc/copyright.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-bison-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-bison-exception.json", - "referenceNumber": 134, - "name": "GNU General Public License v2.0 w/Bison exception", - "licenseId": "GPL-2.0-with-bison-exception", - "seeAlso": [ - "http://git.savannah.gnu.org/cgit/bison.git/tree/data/yacc.c?id\u003d193d7c7054ba7197b0789e14965b739162319b5e#n141" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-classpath-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-classpath-exception.json", - "referenceNumber": 519, - "name": "GNU General Public License v2.0 w/Classpath exception", - "licenseId": "GPL-2.0-with-classpath-exception", - "seeAlso": [ - "https://www.gnu.org/software/classpath/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-font-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-font-exception.json", - "referenceNumber": 265, - "name": "GNU General Public License v2.0 w/Font exception", - "licenseId": "GPL-2.0-with-font-exception", - "seeAlso": [ - "https://www.gnu.org/licenses/gpl-faq.html#FontException" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-2.0-with-GCC-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-2.0-with-GCC-exception.json", - "referenceNumber": 99, - "name": "GNU General Public License v2.0 w/GCC Runtime Library exception", - "licenseId": "GPL-2.0-with-GCC-exception", - "seeAlso": [ - "https://gcc.gnu.org/git/?p\u003dgcc.git;a\u003dblob;f\u003dgcc/libgcc1.c;h\u003d762f5143fc6eed57b6797c82710f3538aa52b40b;hb\u003dcb143a3ce4fb417c68f5fa2691a1b1b1053dfba9#l10" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-3.0.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-3.0.json", - "referenceNumber": 392, - "name": "GNU General Public License v3.0 only", - "licenseId": "GPL-3.0", - "seeAlso": [ - "https://www.gnu.org/licenses/gpl-3.0-standalone.html", - "https://opensource.org/licenses/GPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-3.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-3.0+.json", - "referenceNumber": 220, - "name": "GNU General Public License v3.0 or later", - "licenseId": "GPL-3.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/gpl-3.0-standalone.html", - "https://opensource.org/licenses/GPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-3.0-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GPL-3.0-only.json", - "referenceNumber": 71, - "name": "GNU General Public License v3.0 only", - "licenseId": "GPL-3.0-only", - "seeAlso": [ - "https://www.gnu.org/licenses/gpl-3.0-standalone.html", - "https://opensource.org/licenses/GPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-3.0-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/GPL-3.0-or-later.json", - "referenceNumber": 337, - "name": "GNU General Public License v3.0 or later", - "licenseId": "GPL-3.0-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/gpl-3.0-standalone.html", - "https://opensource.org/licenses/GPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/GPL-3.0-with-autoconf-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-3.0-with-autoconf-exception.json", - "referenceNumber": 107, - "name": "GNU General Public License v3.0 w/Autoconf exception", - "licenseId": "GPL-3.0-with-autoconf-exception", - "seeAlso": [ - "https://www.gnu.org/licenses/autoconf-exception-3.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/GPL-3.0-with-GCC-exception.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/GPL-3.0-with-GCC-exception.json", - "referenceNumber": 9, - "name": "GNU General Public License v3.0 w/GCC Runtime Library exception", - "licenseId": "GPL-3.0-with-GCC-exception", - "seeAlso": [ - "https://www.gnu.org/licenses/gcc-exception-3.1.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Graphics-Gems.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Graphics-Gems.json", - "referenceNumber": 486, - "name": "Graphics Gems License", - "licenseId": "Graphics-Gems", - "seeAlso": [ - "https://github.com/erich666/GraphicsGems/blob/master/LICENSE.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/gSOAP-1.3b.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/gSOAP-1.3b.json", - "referenceNumber": 546, - "name": "gSOAP Public License v1.3b", - "licenseId": "gSOAP-1.3b", - "seeAlso": [ - "http://www.cs.fsu.edu/~engelen/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HaskellReport.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HaskellReport.json", - "referenceNumber": 112, - "name": "Haskell Language Report License", - "licenseId": "HaskellReport", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Haskell_Language_Report_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Hippocratic-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Hippocratic-2.1.json", - "referenceNumber": 507, - "name": "Hippocratic License 2.1", - "licenseId": "Hippocratic-2.1", - "seeAlso": [ - "https://firstdonoharm.dev/version/2/1/license.html", - "https://github.com/EthicalSource/hippocratic-license/blob/58c0e646d64ff6fbee275bfe2b9492f914e3ab2a/LICENSE.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HP-1986.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HP-1986.json", - "referenceNumber": 51, - "name": "Hewlett-Packard 1986 License", - "licenseId": "HP-1986", - "seeAlso": [ - "https://sourceware.org/git/?p\u003dnewlib-cygwin.git;a\u003dblob;f\u003dnewlib/libc/machine/hppa/memchr.S;h\u003d1cca3e5e8867aa4bffef1f75a5c1bba25c0c441e;hb\u003dHEAD#l2" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HPND.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND.json", - "referenceNumber": 108, - "name": "Historical Permission Notice and Disclaimer", - "licenseId": "HPND", - "seeAlso": [ - "https://opensource.org/licenses/HPND" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/HPND-export-US.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND-export-US.json", - "referenceNumber": 70, - "name": "HPND with US Government export control warning", - "licenseId": "HPND-export-US", - "seeAlso": [ - "https://www.kermitproject.org/ck90.html#source" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HPND-Markus-Kuhn.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND-Markus-Kuhn.json", - "referenceNumber": 111, - "name": "Historical Permission Notice and Disclaimer - Markus Kuhn variant", - "licenseId": "HPND-Markus-Kuhn", - "seeAlso": [ - "https://www.cl.cam.ac.uk/~mgk25/ucs/wcwidth.c", - "https://sourceware.org/git/?p\u003dbinutils-gdb.git;a\u003dblob;f\u003dreadline/readline/support/wcwidth.c;h\u003d0f5ec995796f4813abbcf4972aec0378ab74722a;hb\u003dHEAD#l55" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HPND-sell-variant.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND-sell-variant.json", - "referenceNumber": 96, - "name": "Historical Permission Notice and Disclaimer - sell variant", - "licenseId": "HPND-sell-variant", - "seeAlso": [ - "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/sunrpc/auth_gss/gss_generic_token.c?h\u003dv4.19" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HPND-sell-variant-MIT-disclaimer.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HPND-sell-variant-MIT-disclaimer.json", - "referenceNumber": 470, - "name": "HPND sell variant with MIT disclaimer", - "licenseId": "HPND-sell-variant-MIT-disclaimer", - "seeAlso": [ - "https://github.com/sigmavirus24/x11-ssh-askpass/blob/master/README" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/HTMLTIDY.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/HTMLTIDY.json", - "referenceNumber": 433, - "name": "HTML Tidy License", - "licenseId": "HTMLTIDY", - "seeAlso": [ - "https://github.com/htacg/tidy-html5/blob/next/README/LICENSE.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/IBM-pibs.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IBM-pibs.json", - "referenceNumber": 52, - "name": "IBM PowerPC Initialization and Boot Software", - "licenseId": "IBM-pibs", - "seeAlso": [ - "http://git.denx.de/?p\u003du-boot.git;a\u003dblob;f\u003darch/powerpc/cpu/ppc4xx/miiphy.c;h\u003d297155fdafa064b955e53e9832de93bfb0cfb85b;hb\u003d9fab4bf4cc077c21e43941866f3f2c196f28670d" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ICU.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ICU.json", - "referenceNumber": 457, - "name": "ICU License", - "licenseId": "ICU", - "seeAlso": [ - "http://source.icu-project.org/repos/icu/icu/trunk/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/IEC-Code-Components-EULA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IEC-Code-Components-EULA.json", - "referenceNumber": 101, - "name": "IEC Code Components End-user licence agreement", - "licenseId": "IEC-Code-Components-EULA", - "seeAlso": [ - "https://www.iec.ch/webstore/custserv/pdf/CC-EULA.pdf", - "https://www.iec.ch/CCv1", - "https://www.iec.ch/copyright" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/IJG.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IJG.json", - "referenceNumber": 211, - "name": "Independent JPEG Group License", - "licenseId": "IJG", - "seeAlso": [ - "http://dev.w3.org/cvsweb/Amaya/libjpeg/Attic/README?rev\u003d1.2" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/IJG-short.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IJG-short.json", - "referenceNumber": 83, - "name": "Independent JPEG Group License - short", - "licenseId": "IJG-short", - "seeAlso": [ - "https://sourceforge.net/p/xmedcon/code/ci/master/tree/libs/ljpg/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ImageMagick.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ImageMagick.json", - "referenceNumber": 267, - "name": "ImageMagick License", - "licenseId": "ImageMagick", - "seeAlso": [ - "http://www.imagemagick.org/script/license.php" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/iMatix.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/iMatix.json", - "referenceNumber": 225, - "name": "iMatix Standard Function Library Agreement", - "licenseId": "iMatix", - "seeAlso": [ - "http://legacy.imatix.com/html/sfl/sfl4.htm#license" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Imlib2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Imlib2.json", - "referenceNumber": 131, - "name": "Imlib2 License", - "licenseId": "Imlib2", - "seeAlso": [ - "http://trac.enlightenment.org/e/browser/trunk/imlib2/COPYING", - "https://git.enlightenment.org/legacy/imlib2.git/tree/COPYING" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Info-ZIP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Info-ZIP.json", - "referenceNumber": 278, - "name": "Info-ZIP License", - "licenseId": "Info-ZIP", - "seeAlso": [ - "http://www.info-zip.org/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Intel.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Intel.json", - "referenceNumber": 303, - "name": "Intel Open Source License", - "licenseId": "Intel", - "seeAlso": [ - "https://opensource.org/licenses/Intel" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Intel-ACPI.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Intel-ACPI.json", - "referenceNumber": 472, - "name": "Intel ACPI Software License Agreement", - "licenseId": "Intel-ACPI", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Intel_ACPI_Software_License_Agreement" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Interbase-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Interbase-1.0.json", - "referenceNumber": 548, - "name": "Interbase Public License v1.0", - "licenseId": "Interbase-1.0", - "seeAlso": [ - "https://web.archive.org/web/20060319014854/http://info.borland.com/devsupport/interbase/opensource/IPL.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/IPA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IPA.json", - "referenceNumber": 50, - "name": "IPA Font License", - "licenseId": "IPA", - "seeAlso": [ - "https://opensource.org/licenses/IPA" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/IPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/IPL-1.0.json", - "referenceNumber": 53, - "name": "IBM Public License v1.0", - "licenseId": "IPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/IPL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/ISC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ISC.json", - "referenceNumber": 126, - "name": "ISC License", - "licenseId": "ISC", - "seeAlso": [ - "https://www.isc.org/licenses/", - "https://www.isc.org/downloads/software-support-policy/isc-license/", - "https://opensource.org/licenses/ISC" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Jam.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Jam.json", - "referenceNumber": 515, - "name": "Jam License", - "licenseId": "Jam", - "seeAlso": [ - "https://www.boost.org/doc/libs/1_35_0/doc/html/jam.html", - "https://web.archive.org/web/20160330173339/https://swarm.workshop.perforce.com/files/guest/perforce_software/jam/src/README" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/JasPer-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/JasPer-2.0.json", - "referenceNumber": 182, - "name": "JasPer License", - "licenseId": "JasPer-2.0", - "seeAlso": [ - "http://www.ece.uvic.ca/~mdadams/jasper/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/JPL-image.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/JPL-image.json", - "referenceNumber": 332, - "name": "JPL Image Use Policy", - "licenseId": "JPL-image", - "seeAlso": [ - "https://www.jpl.nasa.gov/jpl-image-use-policy" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/JPNIC.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/JPNIC.json", - "referenceNumber": 19, - "name": "Japan Network Information Center License", - "licenseId": "JPNIC", - "seeAlso": [ - "https://gitlab.isc.org/isc-projects/bind9/blob/master/COPYRIGHT#L366" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/JSON.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/JSON.json", - "referenceNumber": 479, - "name": "JSON License", - "licenseId": "JSON", - "seeAlso": [ - "http://www.json.org/license.html" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/Kazlib.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Kazlib.json", - "referenceNumber": 100, - "name": "Kazlib License", - "licenseId": "Kazlib", - "seeAlso": [ - "http://git.savannah.gnu.org/cgit/kazlib.git/tree/except.c?id\u003d0062df360c2d17d57f6af19b0e444c51feb99036" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Knuth-CTAN.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Knuth-CTAN.json", - "referenceNumber": 417, - "name": "Knuth CTAN License", - "licenseId": "Knuth-CTAN", - "seeAlso": [ - "https://ctan.org/license/knuth" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LAL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LAL-1.2.json", - "referenceNumber": 138, - "name": "Licence Art Libre 1.2", - "licenseId": "LAL-1.2", - "seeAlso": [ - "http://artlibre.org/licence/lal/licence-art-libre-12/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LAL-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LAL-1.3.json", - "referenceNumber": 365, - "name": "Licence Art Libre 1.3", - "licenseId": "LAL-1.3", - "seeAlso": [ - "https://artlibre.org/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Latex2e.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Latex2e.json", - "referenceNumber": 228, - "name": "Latex2e License", - "licenseId": "Latex2e", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Latex2e" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Latex2e-translated-notice.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Latex2e-translated-notice.json", - "referenceNumber": 47, - "name": "Latex2e with translated notice permission", - "licenseId": "Latex2e-translated-notice", - "seeAlso": [ - "https://git.savannah.gnu.org/cgit/indent.git/tree/doc/indent.texi?id\u003da74c6b4ee49397cf330b333da1042bffa60ed14f#n74" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Leptonica.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Leptonica.json", - "referenceNumber": 341, - "name": "Leptonica License", - "licenseId": "Leptonica", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Leptonica" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.0.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.0.json", - "referenceNumber": 533, - "name": "GNU Library General Public License v2 only", - "licenseId": "LGPL-2.0", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.0+.json", - "referenceNumber": 320, - "name": "GNU Library General Public License v2 or later", - "licenseId": "LGPL-2.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.0-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.0-only.json", - "referenceNumber": 42, - "name": "GNU Library General Public License v2 only", - "licenseId": "LGPL-2.0-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.0-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.0-or-later.json", - "referenceNumber": 529, - "name": "GNU Library General Public License v2 or later", - "licenseId": "LGPL-2.0-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.1.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.1.json", - "referenceNumber": 534, - "name": "GNU Lesser General Public License v2.1 only", - "licenseId": "LGPL-2.1", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "https://opensource.org/licenses/LGPL-2.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.1+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.1+.json", - "referenceNumber": 273, - "name": "GNU Lesser General Public License v2.1 or later", - "licenseId": "LGPL-2.1+", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "https://opensource.org/licenses/LGPL-2.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.1-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.1-only.json", - "referenceNumber": 82, - "name": "GNU Lesser General Public License v2.1 only", - "licenseId": "LGPL-2.1-only", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "https://opensource.org/licenses/LGPL-2.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-2.1-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LGPL-2.1-or-later.json", - "referenceNumber": 329, - "name": "GNU Lesser General Public License v2.1 or later", - "licenseId": "LGPL-2.1-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "https://opensource.org/licenses/LGPL-2.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-3.0.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/LGPL-3.0.json", - "referenceNumber": 550, - "name": "GNU Lesser General Public License v3.0 only", - "licenseId": "LGPL-3.0", - "seeAlso": [ - "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "https://www.gnu.org/licenses/lgpl+gpl-3.0.txt", - "https://opensource.org/licenses/LGPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-3.0+.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/LGPL-3.0+.json", - "referenceNumber": 292, - "name": "GNU Lesser General Public License v3.0 or later", - "licenseId": "LGPL-3.0+", - "seeAlso": [ - "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "https://www.gnu.org/licenses/lgpl+gpl-3.0.txt", - "https://opensource.org/licenses/LGPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-3.0-only.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LGPL-3.0-only.json", - "referenceNumber": 80, - "name": "GNU Lesser General Public License v3.0 only", - "licenseId": "LGPL-3.0-only", - "seeAlso": [ - "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "https://www.gnu.org/licenses/lgpl+gpl-3.0.txt", - "https://opensource.org/licenses/LGPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPL-3.0-or-later.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LGPL-3.0-or-later.json", - "referenceNumber": 37, - "name": "GNU Lesser General Public License v3.0 or later", - "licenseId": "LGPL-3.0-or-later", - "seeAlso": [ - "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "https://www.gnu.org/licenses/lgpl+gpl-3.0.txt", - "https://opensource.org/licenses/LGPL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LGPLLR.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LGPLLR.json", - "referenceNumber": 544, - "name": "Lesser General Public License For Linguistic Resources", - "licenseId": "LGPLLR", - "seeAlso": [ - "http://www-igm.univ-mlv.fr/~unitex/lgpllr.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Libpng.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Libpng.json", - "referenceNumber": 346, - "name": "libpng License", - "licenseId": "Libpng", - "seeAlso": [ - "http://www.libpng.org/pub/png/src/libpng-LICENSE.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libpng-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libpng-2.0.json", - "referenceNumber": 183, - "name": "PNG Reference Library version 2", - "licenseId": "libpng-2.0", - "seeAlso": [ - "http://www.libpng.org/pub/png/src/libpng-LICENSE.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libpri-OpenH323-exception.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libpri-OpenH323-exception.json", - "referenceNumber": 117, - "name": "libpri OpenH323 exception", - "licenseId": "libpri-OpenH323-exception", - "seeAlso": [ - "https://github.com/asterisk/libpri/blob/1.6.0/README#L19-L22" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libselinux-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libselinux-1.0.json", - "referenceNumber": 49, - "name": "libselinux public domain notice", - "licenseId": "libselinux-1.0", - "seeAlso": [ - "https://github.com/SELinuxProject/selinux/blob/master/libselinux/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libtiff.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libtiff.json", - "referenceNumber": 115, - "name": "libtiff License", - "licenseId": "libtiff", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/libtiff" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/libutil-David-Nugent.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/libutil-David-Nugent.json", - "referenceNumber": 66, - "name": "libutil David Nugent License", - "licenseId": "libutil-David-Nugent", - "seeAlso": [ - "http://web.mit.edu/freebsd/head/lib/libutil/login_ok.3", - "https://cgit.freedesktop.org/libbsd/tree/man/setproctitle.3bsd" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LiLiQ-P-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LiLiQ-P-1.1.json", - "referenceNumber": 48, - "name": "Licence Libre du Québec – Permissive version 1.1", - "licenseId": "LiLiQ-P-1.1", - "seeAlso": [ - "https://forge.gouv.qc.ca/licence/fr/liliq-v1-1/", - "http://opensource.org/licenses/LiLiQ-P-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LiLiQ-R-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LiLiQ-R-1.1.json", - "referenceNumber": 344, - "name": "Licence Libre du Québec – Réciprocité version 1.1", - "licenseId": "LiLiQ-R-1.1", - "seeAlso": [ - "https://www.forge.gouv.qc.ca/participez/licence-logicielle/licence-libre-du-quebec-liliq-en-francais/licence-libre-du-quebec-reciprocite-liliq-r-v1-1/", - "http://opensource.org/licenses/LiLiQ-R-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LiLiQ-Rplus-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LiLiQ-Rplus-1.1.json", - "referenceNumber": 244, - "name": "Licence Libre du Québec – Réciprocité forte version 1.1", - "licenseId": "LiLiQ-Rplus-1.1", - "seeAlso": [ - "https://www.forge.gouv.qc.ca/participez/licence-logicielle/licence-libre-du-quebec-liliq-en-francais/licence-libre-du-quebec-reciprocite-forte-liliq-r-v1-1/", - "http://opensource.org/licenses/LiLiQ-Rplus-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Linux-man-pages-copyleft.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Linux-man-pages-copyleft.json", - "referenceNumber": 354, - "name": "Linux man-pages Copyleft", - "licenseId": "Linux-man-pages-copyleft", - "seeAlso": [ - "https://www.kernel.org/doc/man-pages/licenses.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Linux-man-pages-one-para.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Linux-man-pages-one-para.json", - "referenceNumber": 130, - "name": "Linux man-pages One Paragraph", - "licenseId": "Linux-man-pages-one-para", - "seeAlso": [ - "https://github.com/mkerrisk/man-pages/blob/master/man2/getcpu.2#L4-L7" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Linux-OpenIB.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Linux-OpenIB.json", - "referenceNumber": 333, - "name": "Linux Kernel Variant of OpenIB.org license", - "licenseId": "Linux-OpenIB", - "seeAlso": [ - "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/infiniband/core/sa.h" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LOOP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LOOP.json", - "referenceNumber": 423, - "name": "Common Lisp LOOP License", - "licenseId": "LOOP", - "seeAlso": [ - "https://gitlab.com/embeddable-common-lisp/ecl/-/blob/develop/src/lsp/loop.lsp", - "http://git.savannah.gnu.org/cgit/gcl.git/tree/gcl/lsp/gcl_loop.lsp?h\u003dVersion_2_6_13pre", - "https://sourceforge.net/p/sbcl/sbcl/ci/master/tree/src/code/loop.lisp", - "https://github.com/cl-adams/adams/blob/master/LICENSE.md", - "https://github.com/blakemcbride/eclipse-lisp/blob/master/lisp/loop.lisp", - "https://gitlab.common-lisp.net/cmucl/cmucl/-/blob/master/src/code/loop.lisp" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPL-1.0.json", - "referenceNumber": 308, - "name": "Lucent Public License Version 1.0", - "licenseId": "LPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/LPL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LPL-1.02.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPL-1.02.json", - "referenceNumber": 110, - "name": "Lucent Public License v1.02", - "licenseId": "LPL-1.02", - "seeAlso": [ - "http://plan9.bell-labs.com/plan9/license.html", - "https://opensource.org/licenses/LPL-1.02" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.0.json", - "referenceNumber": 481, - "name": "LaTeX Project Public License v1.0", - "licenseId": "LPPL-1.0", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-0.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.1.json", - "referenceNumber": 160, - "name": "LaTeX Project Public License v1.1", - "licenseId": "LPPL-1.1", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-1.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.2.json", - "referenceNumber": 175, - "name": "LaTeX Project Public License v1.2", - "licenseId": "LPPL-1.2", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-2.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.3a.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.3a.json", - "referenceNumber": 451, - "name": "LaTeX Project Public License v1.3a", - "licenseId": "LPPL-1.3a", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-3a.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/LPPL-1.3c.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LPPL-1.3c.json", - "referenceNumber": 89, - "name": "LaTeX Project Public License v1.3c", - "licenseId": "LPPL-1.3c", - "seeAlso": [ - "http://www.latex-project.org/lppl/lppl-1-3c.txt", - "https://opensource.org/licenses/LPPL-1.3c" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/LZMA-SDK-9.11-to-9.20.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LZMA-SDK-9.11-to-9.20.json", - "referenceNumber": 268, - "name": "LZMA SDK License (versions 9.11 to 9.20)", - "licenseId": "LZMA-SDK-9.11-to-9.20", - "seeAlso": [ - "https://www.7-zip.org/sdk.html", - "https://sourceforge.net/projects/sevenzip/files/LZMA%20SDK/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/LZMA-SDK-9.22.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/LZMA-SDK-9.22.json", - "referenceNumber": 334, - "name": "LZMA SDK License (versions 9.22 and beyond)", - "licenseId": "LZMA-SDK-9.22", - "seeAlso": [ - "https://www.7-zip.org/sdk.html", - "https://sourceforge.net/projects/sevenzip/files/LZMA%20SDK/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MakeIndex.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MakeIndex.json", - "referenceNumber": 404, - "name": "MakeIndex License", - "licenseId": "MakeIndex", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MakeIndex" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Martin-Birgmeier.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Martin-Birgmeier.json", - "referenceNumber": 402, - "name": "Martin Birgmeier License", - "licenseId": "Martin-Birgmeier", - "seeAlso": [ - "https://github.com/Perl/perl5/blob/blead/util.c#L6136" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/metamail.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/metamail.json", - "referenceNumber": 139, - "name": "metamail License", - "licenseId": "metamail", - "seeAlso": [ - "https://github.com/Dual-Life/mime-base64/blob/master/Base64.xs#L12" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Minpack.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Minpack.json", - "referenceNumber": 547, - "name": "Minpack License", - "licenseId": "Minpack", - "seeAlso": [ - "http://www.netlib.org/minpack/disclaimer", - "https://gitlab.com/libeigen/eigen/-/blob/master/COPYING.MINPACK" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MirOS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MirOS.json", - "referenceNumber": 359, - "name": "The MirOS Licence", - "licenseId": "MirOS", - "seeAlso": [ - "https://opensource.org/licenses/MirOS" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/MIT.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT.json", - "referenceNumber": 187, - "name": "MIT License", - "licenseId": "MIT", - "seeAlso": [ - "https://opensource.org/licenses/MIT" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/MIT-0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-0.json", - "referenceNumber": 200, - "name": "MIT No Attribution", - "licenseId": "MIT-0", - "seeAlso": [ - "https://github.com/aws/mit-0", - "https://romanrm.net/mit-zero", - "https://github.com/awsdocs/aws-cloud9-user-guide/blob/master/LICENSE-SAMPLECODE" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/MIT-advertising.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-advertising.json", - "referenceNumber": 419, - "name": "Enlightenment License (e16)", - "licenseId": "MIT-advertising", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MIT_With_Advertising" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MIT-CMU.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-CMU.json", - "referenceNumber": 508, - "name": "CMU License", - "licenseId": "MIT-CMU", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:MIT?rd\u003dLicensing/MIT#CMU_Style", - "https://github.com/python-pillow/Pillow/blob/fffb426092c8db24a5f4b6df243a8a3c01fb63cd/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MIT-enna.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-enna.json", - "referenceNumber": 15, - "name": "enna License", - "licenseId": "MIT-enna", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MIT#enna" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MIT-feh.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-feh.json", - "referenceNumber": 545, - "name": "feh License", - "licenseId": "MIT-feh", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MIT#feh" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MIT-Festival.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-Festival.json", - "referenceNumber": 68, - "name": "MIT Festival Variant", - "licenseId": "MIT-Festival", - "seeAlso": [ - "https://github.com/festvox/flite/blob/master/COPYING", - "https://github.com/festvox/speech_tools/blob/master/COPYING" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MIT-Modern-Variant.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-Modern-Variant.json", - "referenceNumber": 475, - "name": "MIT License Modern Variant", - "licenseId": "MIT-Modern-Variant", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:MIT#Modern_Variants", - "https://ptolemy.berkeley.edu/copyright.htm", - "https://pirlwww.lpl.arizona.edu/resources/guide/software/PerlTk/Tixlic.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/MIT-open-group.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-open-group.json", - "referenceNumber": 506, - "name": "MIT Open Group variant", - "licenseId": "MIT-open-group", - "seeAlso": [ - "https://gitlab.freedesktop.org/xorg/app/iceauth/-/blob/master/COPYING", - "https://gitlab.freedesktop.org/xorg/app/xvinfo/-/blob/master/COPYING", - "https://gitlab.freedesktop.org/xorg/app/xsetroot/-/blob/master/COPYING", - "https://gitlab.freedesktop.org/xorg/app/xauth/-/blob/master/COPYING" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MIT-Wu.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MIT-Wu.json", - "referenceNumber": 405, - "name": "MIT Tom Wu Variant", - "licenseId": "MIT-Wu", - "seeAlso": [ - "https://github.com/chromium/octane/blob/master/crypto.js" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MITNFA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MITNFA.json", - "referenceNumber": 114, - "name": "MIT +no-false-attribs license", - "licenseId": "MITNFA", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MITNFA" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Motosoto.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Motosoto.json", - "referenceNumber": 540, - "name": "Motosoto License", - "licenseId": "Motosoto", - "seeAlso": [ - "https://opensource.org/licenses/Motosoto" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/mpi-permissive.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/mpi-permissive.json", - "referenceNumber": 377, - "name": "mpi Permissive License", - "licenseId": "mpi-permissive", - "seeAlso": [ - "https://sources.debian.org/src/openmpi/4.1.0-10/ompi/debuggers/msgq_interface.h/?hl\u003d19#L19" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/mpich2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/mpich2.json", - "referenceNumber": 208, - "name": "mpich2 License", - "licenseId": "mpich2", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/MIT" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MPL-1.0.json", - "referenceNumber": 530, - "name": "Mozilla Public License 1.0", - "licenseId": "MPL-1.0", - "seeAlso": [ - "http://www.mozilla.org/MPL/MPL-1.0.html", - "https://opensource.org/licenses/MPL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/MPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MPL-1.1.json", - "referenceNumber": 23, - "name": "Mozilla Public License 1.1", - "licenseId": "MPL-1.1", - "seeAlso": [ - "http://www.mozilla.org/MPL/MPL-1.1.html", - "https://opensource.org/licenses/MPL-1.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/MPL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MPL-2.0.json", - "referenceNumber": 403, - "name": "Mozilla Public License 2.0", - "licenseId": "MPL-2.0", - "seeAlso": [ - "https://www.mozilla.org/MPL/2.0/", - "https://opensource.org/licenses/MPL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/MPL-2.0-no-copyleft-exception.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MPL-2.0-no-copyleft-exception.json", - "referenceNumber": 153, - "name": "Mozilla Public License 2.0 (no copyleft exception)", - "licenseId": "MPL-2.0-no-copyleft-exception", - "seeAlso": [ - "https://www.mozilla.org/MPL/2.0/", - "https://opensource.org/licenses/MPL-2.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/mplus.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/mplus.json", - "referenceNumber": 409, - "name": "mplus Font License", - "licenseId": "mplus", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:Mplus?rd\u003dLicensing/mplus" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MS-LPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MS-LPL.json", - "referenceNumber": 314, - "name": "Microsoft Limited Public License", - "licenseId": "MS-LPL", - "seeAlso": [ - "https://www.openhub.net/licenses/mslpl", - "https://github.com/gabegundy/atlserver/blob/master/License.txt", - "https://en.wikipedia.org/wiki/Shared_Source_Initiative#Microsoft_Limited_Public_License_(Ms-LPL)" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MS-PL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MS-PL.json", - "referenceNumber": 142, - "name": "Microsoft Public License", - "licenseId": "MS-PL", - "seeAlso": [ - "http://www.microsoft.com/opensource/licenses.mspx", - "https://opensource.org/licenses/MS-PL" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/MS-RL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MS-RL.json", - "referenceNumber": 437, - "name": "Microsoft Reciprocal License", - "licenseId": "MS-RL", - "seeAlso": [ - "http://www.microsoft.com/opensource/licenses.mspx", - "https://opensource.org/licenses/MS-RL" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/MTLL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MTLL.json", - "referenceNumber": 67, - "name": "Matrix Template Library License", - "licenseId": "MTLL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Matrix_Template_Library_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MulanPSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MulanPSL-1.0.json", - "referenceNumber": 58, - "name": "Mulan Permissive Software License, Version 1", - "licenseId": "MulanPSL-1.0", - "seeAlso": [ - "https://license.coscl.org.cn/MulanPSL/", - "https://github.com/yuwenlong/longphp/blob/25dfb70cc2a466dc4bb55ba30901cbce08d164b5/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/MulanPSL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/MulanPSL-2.0.json", - "referenceNumber": 74, - "name": "Mulan Permissive Software License, Version 2", - "licenseId": "MulanPSL-2.0", - "seeAlso": [ - "https://license.coscl.org.cn/MulanPSL2/" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Multics.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Multics.json", - "referenceNumber": 389, - "name": "Multics License", - "licenseId": "Multics", - "seeAlso": [ - "https://opensource.org/licenses/Multics" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Mup.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Mup.json", - "referenceNumber": 4, - "name": "Mup License", - "licenseId": "Mup", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Mup" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NAIST-2003.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NAIST-2003.json", - "referenceNumber": 338, - "name": "Nara Institute of Science and Technology License (2003)", - "licenseId": "NAIST-2003", - "seeAlso": [ - "https://enterprise.dejacode.com/licenses/public/naist-2003/#license-text", - "https://github.com/nodejs/node/blob/4a19cc8947b1bba2b2d27816ec3d0edf9b28e503/LICENSE#L343" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NASA-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NASA-1.3.json", - "referenceNumber": 394, - "name": "NASA Open Source Agreement 1.3", - "licenseId": "NASA-1.3", - "seeAlso": [ - "http://ti.arc.nasa.gov/opensource/nosa/", - "https://opensource.org/licenses/NASA-1.3" - ], - "isOsiApproved": true, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/Naumen.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Naumen.json", - "referenceNumber": 240, - "name": "Naumen Public License", - "licenseId": "Naumen", - "seeAlso": [ - "https://opensource.org/licenses/Naumen" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/NBPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NBPL-1.0.json", - "referenceNumber": 177, - "name": "Net Boolean Public License v1", - "licenseId": "NBPL-1.0", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d37b4b3f6cc4bf34e1d3dec61e69914b9819d8894" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NCGL-UK-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NCGL-UK-2.0.json", - "referenceNumber": 492, - "name": "Non-Commercial Government Licence", - "licenseId": "NCGL-UK-2.0", - "seeAlso": [ - "http://www.nationalarchives.gov.uk/doc/non-commercial-government-licence/version/2/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NCSA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NCSA.json", - "referenceNumber": 390, - "name": "University of Illinois/NCSA Open Source License", - "licenseId": "NCSA", - "seeAlso": [ - "http://otm.illinois.edu/uiuc_openSource", - "https://opensource.org/licenses/NCSA" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Net-SNMP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Net-SNMP.json", - "referenceNumber": 264, - "name": "Net-SNMP License", - "licenseId": "Net-SNMP", - "seeAlso": [ - "http://net-snmp.sourceforge.net/about/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NetCDF.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NetCDF.json", - "referenceNumber": 56, - "name": "NetCDF license", - "licenseId": "NetCDF", - "seeAlso": [ - "http://www.unidata.ucar.edu/software/netcdf/copyright.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Newsletr.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Newsletr.json", - "referenceNumber": 137, - "name": "Newsletr License", - "licenseId": "Newsletr", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Newsletr" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NGPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NGPL.json", - "referenceNumber": 436, - "name": "Nethack General Public License", - "licenseId": "NGPL", - "seeAlso": [ - "https://opensource.org/licenses/NGPL" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/NICTA-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NICTA-1.0.json", - "referenceNumber": 256, - "name": "NICTA Public Software License, Version 1.0", - "licenseId": "NICTA-1.0", - "seeAlso": [ - "https://opensource.apple.com/source/mDNSResponder/mDNSResponder-320.10/mDNSPosix/nss_ReadMe.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NIST-PD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NIST-PD.json", - "referenceNumber": 319, - "name": "NIST Public Domain Notice", - "licenseId": "NIST-PD", - "seeAlso": [ - "https://github.com/tcheneau/simpleRPL/blob/e645e69e38dd4e3ccfeceb2db8cba05b7c2e0cd3/LICENSE.txt", - "https://github.com/tcheneau/Routing/blob/f09f46fcfe636107f22f2c98348188a65a135d98/README.md" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NIST-PD-fallback.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NIST-PD-fallback.json", - "referenceNumber": 233, - "name": "NIST Public Domain Notice with license fallback", - "licenseId": "NIST-PD-fallback", - "seeAlso": [ - "https://github.com/usnistgov/jsip/blob/59700e6926cbe96c5cdae897d9a7d2656b42abe3/LICENSE", - "https://github.com/usnistgov/fipy/blob/86aaa5c2ba2c6f1be19593c5986071cf6568cc34/LICENSE.rst" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NIST-Software.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NIST-Software.json", - "referenceNumber": 198, - "name": "NIST Software License", - "licenseId": "NIST-Software", - "seeAlso": [ - "https://github.com/open-quantum-safe/liboqs/blob/40b01fdbb270f8614fde30e65d30e9da18c02393/src/common/rand/rand_nist.c#L1-L15" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NLOD-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NLOD-1.0.json", - "referenceNumber": 179, - "name": "Norwegian Licence for Open Government Data (NLOD) 1.0", - "licenseId": "NLOD-1.0", - "seeAlso": [ - "http://data.norge.no/nlod/en/1.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NLOD-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NLOD-2.0.json", - "referenceNumber": 234, - "name": "Norwegian Licence for Open Government Data (NLOD) 2.0", - "licenseId": "NLOD-2.0", - "seeAlso": [ - "http://data.norge.no/nlod/en/2.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NLPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NLPL.json", - "referenceNumber": 301, - "name": "No Limit Public License", - "licenseId": "NLPL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/NLPL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Nokia.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Nokia.json", - "referenceNumber": 285, - "name": "Nokia Open Source License", - "licenseId": "Nokia", - "seeAlso": [ - "https://opensource.org/licenses/nokia" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/NOSL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NOSL.json", - "referenceNumber": 438, - "name": "Netizen Open Source License", - "licenseId": "NOSL", - "seeAlso": [ - "http://bits.netizen.com.au/licenses/NOSL/nosl.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Noweb.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Noweb.json", - "referenceNumber": 277, - "name": "Noweb License", - "licenseId": "Noweb", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Noweb" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NPL-1.0.json", - "referenceNumber": 174, - "name": "Netscape Public License v1.0", - "licenseId": "NPL-1.0", - "seeAlso": [ - "http://www.mozilla.org/MPL/NPL/1.0/" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/NPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NPL-1.1.json", - "referenceNumber": 282, - "name": "Netscape Public License v1.1", - "licenseId": "NPL-1.1", - "seeAlso": [ - "http://www.mozilla.org/MPL/NPL/1.1/" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/NPOSL-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NPOSL-3.0.json", - "referenceNumber": 312, - "name": "Non-Profit Open Software License 3.0", - "licenseId": "NPOSL-3.0", - "seeAlso": [ - "https://opensource.org/licenses/NOSL3.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/NRL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NRL.json", - "referenceNumber": 184, - "name": "NRL License", - "licenseId": "NRL", - "seeAlso": [ - "http://web.mit.edu/network/isakmp/nrllicense.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/NTP.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NTP.json", - "referenceNumber": 55, - "name": "NTP License", - "licenseId": "NTP", - "seeAlso": [ - "https://opensource.org/licenses/NTP" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/NTP-0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/NTP-0.json", - "referenceNumber": 257, - "name": "NTP No Attribution", - "licenseId": "NTP-0", - "seeAlso": [ - "https://github.com/tytso/e2fsprogs/blob/master/lib/et/et_name.c" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Nunit.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/Nunit.json", - "referenceNumber": 420, - "name": "Nunit License", - "licenseId": "Nunit", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Nunit" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/O-UDA-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/O-UDA-1.0.json", - "referenceNumber": 468, - "name": "Open Use of Data Agreement v1.0", - "licenseId": "O-UDA-1.0", - "seeAlso": [ - "https://github.com/microsoft/Open-Use-of-Data-Agreement/blob/v1.0/O-UDA-1.0.md", - "https://cdla.dev/open-use-of-data-agreement-v1-0/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OCCT-PL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OCCT-PL.json", - "referenceNumber": 444, - "name": "Open CASCADE Technology Public License", - "licenseId": "OCCT-PL", - "seeAlso": [ - "http://www.opencascade.com/content/occt-public-license" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OCLC-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OCLC-2.0.json", - "referenceNumber": 17, - "name": "OCLC Research Public License 2.0", - "licenseId": "OCLC-2.0", - "seeAlso": [ - "http://www.oclc.org/research/activities/software/license/v2final.htm", - "https://opensource.org/licenses/OCLC-2.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/ODbL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ODbL-1.0.json", - "referenceNumber": 39, - "name": "Open Data Commons Open Database License v1.0", - "licenseId": "ODbL-1.0", - "seeAlso": [ - "http://www.opendatacommons.org/licenses/odbl/1.0/", - "https://opendatacommons.org/licenses/odbl/1-0/" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/ODC-By-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ODC-By-1.0.json", - "referenceNumber": 254, - "name": "Open Data Commons Attribution License v1.0", - "licenseId": "ODC-By-1.0", - "seeAlso": [ - "https://opendatacommons.org/licenses/by/1.0/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OFFIS.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OFFIS.json", - "referenceNumber": 172, - "name": "OFFIS License", - "licenseId": "OFFIS", - "seeAlso": [ - "https://sourceforge.net/p/xmedcon/code/ci/master/tree/libs/dicom/README" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OFL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OFL-1.0.json", - "referenceNumber": 518, - "name": "SIL Open Font License 1.0", - "licenseId": "OFL-1.0", - "seeAlso": [ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL10_web" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OFL-1.0-no-RFN.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OFL-1.0-no-RFN.json", - "referenceNumber": 478, - "name": "SIL Open Font License 1.0 with no Reserved Font Name", - "licenseId": "OFL-1.0-no-RFN", - "seeAlso": [ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL10_web" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OFL-1.0-RFN.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OFL-1.0-RFN.json", - "referenceNumber": 156, - "name": "SIL Open Font License 1.0 with Reserved Font Name", - "licenseId": "OFL-1.0-RFN", - "seeAlso": [ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL10_web" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OFL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OFL-1.1.json", - "referenceNumber": 327, - "name": "SIL Open Font License 1.1", - "licenseId": "OFL-1.1", - "seeAlso": [ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL_web", - "https://opensource.org/licenses/OFL-1.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OFL-1.1-no-RFN.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OFL-1.1-no-RFN.json", - "referenceNumber": 79, - "name": "SIL Open Font License 1.1 with no Reserved Font Name", - "licenseId": "OFL-1.1-no-RFN", - "seeAlso": [ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL_web", - "https://opensource.org/licenses/OFL-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OFL-1.1-RFN.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OFL-1.1-RFN.json", - "referenceNumber": 427, - "name": "SIL Open Font License 1.1 with Reserved Font Name", - "licenseId": "OFL-1.1-RFN", - "seeAlso": [ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL_web", - "https://opensource.org/licenses/OFL-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OGC-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGC-1.0.json", - "referenceNumber": 387, - "name": "OGC Software License, Version 1.0", - "licenseId": "OGC-1.0", - "seeAlso": [ - "https://www.ogc.org/ogc/software/1.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGDL-Taiwan-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGDL-Taiwan-1.0.json", - "referenceNumber": 501, - "name": "Taiwan Open Government Data License, version 1.0", - "licenseId": "OGDL-Taiwan-1.0", - "seeAlso": [ - "https://data.gov.tw/license" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGL-Canada-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGL-Canada-2.0.json", - "referenceNumber": 426, - "name": "Open Government Licence - Canada", - "licenseId": "OGL-Canada-2.0", - "seeAlso": [ - "https://open.canada.ca/en/open-government-licence-canada" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGL-UK-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGL-UK-1.0.json", - "referenceNumber": 230, - "name": "Open Government Licence v1.0", - "licenseId": "OGL-UK-1.0", - "seeAlso": [ - "http://www.nationalarchives.gov.uk/doc/open-government-licence/version/1/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGL-UK-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGL-UK-2.0.json", - "referenceNumber": 232, - "name": "Open Government Licence v2.0", - "licenseId": "OGL-UK-2.0", - "seeAlso": [ - "http://www.nationalarchives.gov.uk/doc/open-government-licence/version/2/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGL-UK-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGL-UK-3.0.json", - "referenceNumber": 343, - "name": "Open Government Licence v3.0", - "licenseId": "OGL-UK-3.0", - "seeAlso": [ - "http://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OGTSL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OGTSL.json", - "referenceNumber": 62, - "name": "Open Group Test Suite License", - "licenseId": "OGTSL", - "seeAlso": [ - "http://www.opengroup.org/testing/downloads/The_Open_Group_TSL.txt", - "https://opensource.org/licenses/OGTSL" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OLDAP-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-1.1.json", - "referenceNumber": 291, - "name": "Open LDAP Public License v1.1", - "licenseId": "OLDAP-1.1", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d806557a5ad59804ef3a44d5abfbe91d706b0791f" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-1.2.json", - "referenceNumber": 227, - "name": "Open LDAP Public License v1.2", - "licenseId": "OLDAP-1.2", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d42b0383c50c299977b5893ee695cf4e486fb0dc7" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-1.3.json", - "referenceNumber": 151, - "name": "Open LDAP Public License v1.3", - "licenseId": "OLDAP-1.3", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003de5f8117f0ce088d0bd7a8e18ddf37eaa40eb09b1" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-1.4.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-1.4.json", - "referenceNumber": 259, - "name": "Open LDAP Public License v1.4", - "licenseId": "OLDAP-1.4", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003dc9f95c2f3f2ffb5e0ae55fe7388af75547660941" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.0.json", - "referenceNumber": 242, - "name": "Open LDAP Public License v2.0 (or possibly 2.0A and 2.0B)", - "licenseId": "OLDAP-2.0", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003dcbf50f4e1185a21abd4c0a54d3f4341fe28f36ea" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.0.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.0.1.json", - "referenceNumber": 471, - "name": "Open LDAP Public License v2.0.1", - "licenseId": "OLDAP-2.0.1", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003db6d68acd14e51ca3aab4428bf26522aa74873f0e" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.1.json", - "referenceNumber": 443, - "name": "Open LDAP Public License v2.1", - "licenseId": "OLDAP-2.1", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003db0d176738e96a0d3b9f85cb51e140a86f21be715" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.2.json", - "referenceNumber": 210, - "name": "Open LDAP Public License v2.2", - "licenseId": "OLDAP-2.2", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d470b0c18ec67621c85881b2733057fecf4a1acc3" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.2.1.json", - "referenceNumber": 375, - "name": "Open LDAP Public License v2.2.1", - "licenseId": "OLDAP-2.2.1", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d4bc786f34b50aa301be6f5600f58a980070f481e" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.2.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.2.2.json", - "referenceNumber": 305, - "name": "Open LDAP Public License 2.2.2", - "licenseId": "OLDAP-2.2.2", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003ddf2cc1e21eb7c160695f5b7cffd6296c151ba188" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.3.json", - "referenceNumber": 215, - "name": "Open LDAP Public License v2.3", - "licenseId": "OLDAP-2.3", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003dd32cf54a32d581ab475d23c810b0a7fbaf8d63c3" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.4.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.4.json", - "referenceNumber": 91, - "name": "Open LDAP Public License v2.4", - "licenseId": "OLDAP-2.4", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003dcd1284c4a91a8a380d904eee68d1583f989ed386" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.5.json", - "referenceNumber": 535, - "name": "Open LDAP Public License v2.5", - "licenseId": "OLDAP-2.5", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d6852b9d90022e8593c98205413380536b1b5a7cf" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.6.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.6.json", - "referenceNumber": 499, - "name": "Open LDAP Public License v2.6", - "licenseId": "OLDAP-2.6", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d1cae062821881f41b73012ba816434897abf4205" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.7.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.7.json", - "referenceNumber": 386, - "name": "Open LDAP Public License v2.7", - "licenseId": "OLDAP-2.7", - "seeAlso": [ - "http://www.openldap.org/devel/gitweb.cgi?p\u003dopenldap.git;a\u003dblob;f\u003dLICENSE;hb\u003d47c2415c1df81556eeb39be6cad458ef87c534a2" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OLDAP-2.8.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLDAP-2.8.json", - "referenceNumber": 205, - "name": "Open LDAP Public License v2.8", - "licenseId": "OLDAP-2.8", - "seeAlso": [ - "http://www.openldap.org/software/release/license.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OLFL-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OLFL-1.3.json", - "referenceNumber": 61, - "name": "Open Logistics Foundation License Version 1.3", - "licenseId": "OLFL-1.3", - "seeAlso": [ - "https://openlogisticsfoundation.org/licenses/", - "https://opensource.org/license/olfl-1-3/" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OML.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OML.json", - "referenceNumber": 528, - "name": "Open Market License", - "licenseId": "OML", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Open_Market_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OpenPBS-2.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OpenPBS-2.3.json", - "referenceNumber": 252, - "name": "OpenPBS v2.3 Software License", - "licenseId": "OpenPBS-2.3", - "seeAlso": [ - "https://github.com/adaptivecomputing/torque/blob/master/PBS_License.txt", - "https://www.mcs.anl.gov/research/projects/openpbs/PBS_License.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OpenSSL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OpenSSL.json", - "referenceNumber": 464, - "name": "OpenSSL License", - "licenseId": "OpenSSL", - "seeAlso": [ - "http://www.openssl.org/source/license.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OPL-1.0.json", - "referenceNumber": 171, - "name": "Open Public License v1.0", - "licenseId": "OPL-1.0", - "seeAlso": [ - "http://old.koalateam.com/jackaroo/OPL_1_0.TXT", - "https://fedoraproject.org/wiki/Licensing/Open_Public_License" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/OPUBL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OPUBL-1.0.json", - "referenceNumber": 279, - "name": "Open Publication License v1.0", - "licenseId": "OPUBL-1.0", - "seeAlso": [ - "http://opencontent.org/openpub/", - "https://www.debian.org/opl", - "https://www.ctan.org/license/opl" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/OSET-PL-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSET-PL-2.1.json", - "referenceNumber": 412, - "name": "OSET Public License version 2.1", - "licenseId": "OSET-PL-2.1", - "seeAlso": [ - "http://www.osetfoundation.org/public-license", - "https://opensource.org/licenses/OPL-2.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/OSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-1.0.json", - "referenceNumber": 459, - "name": "Open Software License 1.0", - "licenseId": "OSL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/OSL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OSL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-1.1.json", - "referenceNumber": 197, - "name": "Open Software License 1.1", - "licenseId": "OSL-1.1", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/OSL1.1" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OSL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-2.0.json", - "referenceNumber": 513, - "name": "Open Software License 2.0", - "licenseId": "OSL-2.0", - "seeAlso": [ - "http://web.archive.org/web/20041020171434/http://www.rosenlaw.com/osl2.0.html" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OSL-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-2.1.json", - "referenceNumber": 452, - "name": "Open Software License 2.1", - "licenseId": "OSL-2.1", - "seeAlso": [ - "http://web.archive.org/web/20050212003940/http://www.rosenlaw.com/osl21.htm", - "https://opensource.org/licenses/OSL-2.1" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/OSL-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/OSL-3.0.json", - "referenceNumber": 446, - "name": "Open Software License 3.0", - "licenseId": "OSL-3.0", - "seeAlso": [ - "https://web.archive.org/web/20120101081418/http://rosenlaw.com:80/OSL3.0.htm", - "https://opensource.org/licenses/OSL-3.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Parity-6.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Parity-6.0.0.json", - "referenceNumber": 315, - "name": "The Parity Public License 6.0.0", - "licenseId": "Parity-6.0.0", - "seeAlso": [ - "https://paritylicense.com/versions/6.0.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Parity-7.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Parity-7.0.0.json", - "referenceNumber": 352, - "name": "The Parity Public License 7.0.0", - "licenseId": "Parity-7.0.0", - "seeAlso": [ - "https://paritylicense.com/versions/7.0.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/PDDL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PDDL-1.0.json", - "referenceNumber": 398, - "name": "Open Data Commons Public Domain Dedication \u0026 License 1.0", - "licenseId": "PDDL-1.0", - "seeAlso": [ - "http://opendatacommons.org/licenses/pddl/1.0/", - "https://opendatacommons.org/licenses/pddl/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/PHP-3.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PHP-3.0.json", - "referenceNumber": 477, - "name": "PHP License v3.0", - "licenseId": "PHP-3.0", - "seeAlso": [ - "http://www.php.net/license/3_0.txt", - "https://opensource.org/licenses/PHP-3.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/PHP-3.01.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PHP-3.01.json", - "referenceNumber": 350, - "name": "PHP License v3.01", - "licenseId": "PHP-3.01", - "seeAlso": [ - "http://www.php.net/license/3_01.txt" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Plexus.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Plexus.json", - "referenceNumber": 536, - "name": "Plexus Classworlds License", - "licenseId": "Plexus", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Plexus_Classworlds_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/PolyForm-Noncommercial-1.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PolyForm-Noncommercial-1.0.0.json", - "referenceNumber": 388, - "name": "PolyForm Noncommercial License 1.0.0", - "licenseId": "PolyForm-Noncommercial-1.0.0", - "seeAlso": [ - "https://polyformproject.org/licenses/noncommercial/1.0.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/PolyForm-Small-Business-1.0.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PolyForm-Small-Business-1.0.0.json", - "referenceNumber": 526, - "name": "PolyForm Small Business License 1.0.0", - "licenseId": "PolyForm-Small-Business-1.0.0", - "seeAlso": [ - "https://polyformproject.org/licenses/small-business/1.0.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/PostgreSQL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PostgreSQL.json", - "referenceNumber": 298, - "name": "PostgreSQL License", - "licenseId": "PostgreSQL", - "seeAlso": [ - "http://www.postgresql.org/about/licence", - "https://opensource.org/licenses/PostgreSQL" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/PSF-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/PSF-2.0.json", - "referenceNumber": 85, - "name": "Python Software Foundation License 2.0", - "licenseId": "PSF-2.0", - "seeAlso": [ - "https://opensource.org/licenses/Python-2.0" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/psfrag.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/psfrag.json", - "referenceNumber": 255, - "name": "psfrag License", - "licenseId": "psfrag", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/psfrag" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/psutils.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/psutils.json", - "referenceNumber": 325, - "name": "psutils License", - "licenseId": "psutils", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/psutils" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Python-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Python-2.0.json", - "referenceNumber": 140, - "name": "Python License 2.0", - "licenseId": "Python-2.0", - "seeAlso": [ - "https://opensource.org/licenses/Python-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Python-2.0.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Python-2.0.1.json", - "referenceNumber": 318, - "name": "Python License 2.0.1", - "licenseId": "Python-2.0.1", - "seeAlso": [ - "https://www.python.org/download/releases/2.0.1/license/", - "https://docs.python.org/3/license.html", - "https://github.com/python/cpython/blob/main/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Qhull.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Qhull.json", - "referenceNumber": 378, - "name": "Qhull License", - "licenseId": "Qhull", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Qhull" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/QPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/QPL-1.0.json", - "referenceNumber": 118, - "name": "Q Public License 1.0", - "licenseId": "QPL-1.0", - "seeAlso": [ - "http://doc.qt.nokia.com/3.3/license.html", - "https://opensource.org/licenses/QPL-1.0", - "https://doc.qt.io/archives/3.3/license.html" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/QPL-1.0-INRIA-2004.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/QPL-1.0-INRIA-2004.json", - "referenceNumber": 480, - "name": "Q Public License 1.0 - INRIA 2004 variant", - "licenseId": "QPL-1.0-INRIA-2004", - "seeAlso": [ - "https://github.com/maranget/hevea/blob/master/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Rdisc.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Rdisc.json", - "referenceNumber": 45, - "name": "Rdisc License", - "licenseId": "Rdisc", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Rdisc_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/RHeCos-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RHeCos-1.1.json", - "referenceNumber": 453, - "name": "Red Hat eCos Public License v1.1", - "licenseId": "RHeCos-1.1", - "seeAlso": [ - "http://ecos.sourceware.org/old-license.html" - ], - "isOsiApproved": false, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/RPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RPL-1.1.json", - "referenceNumber": 512, - "name": "Reciprocal Public License 1.1", - "licenseId": "RPL-1.1", - "seeAlso": [ - "https://opensource.org/licenses/RPL-1.1" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/RPL-1.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RPL-1.5.json", - "referenceNumber": 76, - "name": "Reciprocal Public License 1.5", - "licenseId": "RPL-1.5", - "seeAlso": [ - "https://opensource.org/licenses/RPL-1.5" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/RPSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RPSL-1.0.json", - "referenceNumber": 510, - "name": "RealNetworks Public Source License v1.0", - "licenseId": "RPSL-1.0", - "seeAlso": [ - "https://helixcommunity.org/content/rpsl", - "https://opensource.org/licenses/RPSL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/RSA-MD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RSA-MD.json", - "referenceNumber": 28, - "name": "RSA Message-Digest License", - "licenseId": "RSA-MD", - "seeAlso": [ - "http://www.faqs.org/rfcs/rfc1321.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/RSCPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/RSCPL.json", - "referenceNumber": 287, - "name": "Ricoh Source Code Public License", - "licenseId": "RSCPL", - "seeAlso": [ - "http://wayback.archive.org/web/20060715140826/http://www.risource.org/RPL/RPL-1.0A.shtml", - "https://opensource.org/licenses/RSCPL" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Ruby.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Ruby.json", - "referenceNumber": 194, - "name": "Ruby License", - "licenseId": "Ruby", - "seeAlso": [ - "http://www.ruby-lang.org/en/LICENSE.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SAX-PD.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SAX-PD.json", - "referenceNumber": 435, - "name": "Sax Public Domain Notice", - "licenseId": "SAX-PD", - "seeAlso": [ - "http://www.saxproject.org/copying.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Saxpath.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Saxpath.json", - "referenceNumber": 460, - "name": "Saxpath License", - "licenseId": "Saxpath", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Saxpath_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SCEA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SCEA.json", - "referenceNumber": 340, - "name": "SCEA Shared Source License", - "licenseId": "SCEA", - "seeAlso": [ - "http://research.scea.com/scea_shared_source_license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SchemeReport.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SchemeReport.json", - "referenceNumber": 525, - "name": "Scheme Language Report License", - "licenseId": "SchemeReport", - "seeAlso": [], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Sendmail.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Sendmail.json", - "referenceNumber": 432, - "name": "Sendmail License", - "licenseId": "Sendmail", - "seeAlso": [ - "http://www.sendmail.com/pdfs/open_source/sendmail_license.pdf", - "https://web.archive.org/web/20160322142305/https://www.sendmail.com/pdfs/open_source/sendmail_license.pdf" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Sendmail-8.23.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Sendmail-8.23.json", - "referenceNumber": 236, - "name": "Sendmail License 8.23", - "licenseId": "Sendmail-8.23", - "seeAlso": [ - "https://www.proofpoint.com/sites/default/files/sendmail-license.pdf", - "https://web.archive.org/web/20181003101040/https://www.proofpoint.com/sites/default/files/sendmail-license.pdf" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SGI-B-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SGI-B-1.0.json", - "referenceNumber": 18, - "name": "SGI Free Software License B v1.0", - "licenseId": "SGI-B-1.0", - "seeAlso": [ - "http://oss.sgi.com/projects/FreeB/SGIFreeSWLicB.1.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SGI-B-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SGI-B-1.1.json", - "referenceNumber": 328, - "name": "SGI Free Software License B v1.1", - "licenseId": "SGI-B-1.1", - "seeAlso": [ - "http://oss.sgi.com/projects/FreeB/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SGI-B-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SGI-B-2.0.json", - "referenceNumber": 497, - "name": "SGI Free Software License B v2.0", - "licenseId": "SGI-B-2.0", - "seeAlso": [ - "http://oss.sgi.com/projects/FreeB/SGIFreeSWLicB.2.0.pdf" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SGP4.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SGP4.json", - "referenceNumber": 294, - "name": "SGP4 Permission Notice", - "licenseId": "SGP4", - "seeAlso": [ - "https://celestrak.org/publications/AIAA/2006-6753/faq.php" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SHL-0.5.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SHL-0.5.json", - "referenceNumber": 422, - "name": "Solderpad Hardware License v0.5", - "licenseId": "SHL-0.5", - "seeAlso": [ - "https://solderpad.org/licenses/SHL-0.5/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SHL-0.51.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SHL-0.51.json", - "referenceNumber": 374, - "name": "Solderpad Hardware License, Version 0.51", - "licenseId": "SHL-0.51", - "seeAlso": [ - "https://solderpad.org/licenses/SHL-0.51/" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SimPL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SimPL-2.0.json", - "referenceNumber": 302, - "name": "Simple Public License 2.0", - "licenseId": "SimPL-2.0", - "seeAlso": [ - "https://opensource.org/licenses/SimPL-2.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/SISSL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SISSL.json", - "referenceNumber": 373, - "name": "Sun Industry Standards Source License v1.1", - "licenseId": "SISSL", - "seeAlso": [ - "http://www.openoffice.org/licenses/sissl_license.html", - "https://opensource.org/licenses/SISSL" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SISSL-1.2.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SISSL-1.2.json", - "referenceNumber": 494, - "name": "Sun Industry Standards Source License v1.2", - "licenseId": "SISSL-1.2", - "seeAlso": [ - "http://gridscheduler.sourceforge.net/Gridengine_SISSL_license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Sleepycat.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Sleepycat.json", - "referenceNumber": 449, - "name": "Sleepycat License", - "licenseId": "Sleepycat", - "seeAlso": [ - "https://opensource.org/licenses/Sleepycat" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SMLNJ.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SMLNJ.json", - "referenceNumber": 406, - "name": "Standard ML of New Jersey License", - "licenseId": "SMLNJ", - "seeAlso": [ - "https://www.smlnj.org/license.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SMPPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SMPPL.json", - "referenceNumber": 31, - "name": "Secure Messaging Protocol Public License", - "licenseId": "SMPPL", - "seeAlso": [ - "https://github.com/dcblake/SMP/blob/master/Documentation/License.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SNIA.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SNIA.json", - "referenceNumber": 249, - "name": "SNIA Public License 1.1", - "licenseId": "SNIA", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/SNIA_Public_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/snprintf.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/snprintf.json", - "referenceNumber": 353, - "name": "snprintf License", - "licenseId": "snprintf", - "seeAlso": [ - "https://github.com/openssh/openssh-portable/blob/master/openbsd-compat/bsd-snprintf.c#L2" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Spencer-86.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Spencer-86.json", - "referenceNumber": 201, - "name": "Spencer License 86", - "licenseId": "Spencer-86", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Henry_Spencer_Reg-Ex_Library_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Spencer-94.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Spencer-94.json", - "referenceNumber": 36, - "name": "Spencer License 94", - "licenseId": "Spencer-94", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Henry_Spencer_Reg-Ex_Library_License", - "https://metacpan.org/release/KNOK/File-MMagic-1.30/source/COPYING#L28" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Spencer-99.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Spencer-99.json", - "referenceNumber": 381, - "name": "Spencer License 99", - "licenseId": "Spencer-99", - "seeAlso": [ - "http://www.opensource.apple.com/source/tcl/tcl-5/tcl/generic/regfronts.c" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SPL-1.0.json", - "referenceNumber": 120, - "name": "Sun Public License v1.0", - "licenseId": "SPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/SPL-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SSH-OpenSSH.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SSH-OpenSSH.json", - "referenceNumber": 14, - "name": "SSH OpenSSH license", - "licenseId": "SSH-OpenSSH", - "seeAlso": [ - "https://github.com/openssh/openssh-portable/blob/1b11ea7c58cd5c59838b5fa574cd456d6047b2d4/LICENCE#L10" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SSH-short.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SSH-short.json", - "referenceNumber": 532, - "name": "SSH short notice", - "licenseId": "SSH-short", - "seeAlso": [ - "https://github.com/openssh/openssh-portable/blob/1b11ea7c58cd5c59838b5fa574cd456d6047b2d4/pathnames.h", - "http://web.mit.edu/kolya/.f/root/athena.mit.edu/sipb.mit.edu/project/openssh/OldFiles/src/openssh-2.9.9p2/ssh-add.1", - "https://joinup.ec.europa.eu/svn/lesoll/trunk/italc/lib/src/dsa_key.cpp" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SSPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SSPL-1.0.json", - "referenceNumber": 64, - "name": "Server Side Public License, v 1", - "licenseId": "SSPL-1.0", - "seeAlso": [ - "https://www.mongodb.com/licensing/server-side-public-license" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/StandardML-NJ.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/StandardML-NJ.json", - "referenceNumber": 262, - "name": "Standard ML of New Jersey License", - "licenseId": "StandardML-NJ", - "seeAlso": [ - "https://www.smlnj.org/license.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/SugarCRM-1.1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SugarCRM-1.1.3.json", - "referenceNumber": 41, - "name": "SugarCRM Public License v1.1.3", - "licenseId": "SugarCRM-1.1.3", - "seeAlso": [ - "http://www.sugarcrm.com/crm/SPL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SunPro.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SunPro.json", - "referenceNumber": 311, - "name": "SunPro License", - "licenseId": "SunPro", - "seeAlso": [ - "https://github.com/freebsd/freebsd-src/blob/main/lib/msun/src/e_acosh.c", - "https://github.com/freebsd/freebsd-src/blob/main/lib/msun/src/e_lgammal.c" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/SWL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/SWL.json", - "referenceNumber": 368, - "name": "Scheme Widget Library (SWL) Software License Agreement", - "licenseId": "SWL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/SWL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Symlinks.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Symlinks.json", - "referenceNumber": 326, - "name": "Symlinks License", - "licenseId": "Symlinks", - "seeAlso": [ - "https://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg11494.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TAPR-OHL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TAPR-OHL-1.0.json", - "referenceNumber": 309, - "name": "TAPR Open Hardware License v1.0", - "licenseId": "TAPR-OHL-1.0", - "seeAlso": [ - "https://www.tapr.org/OHL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TCL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TCL.json", - "referenceNumber": 271, - "name": "TCL/TK License", - "licenseId": "TCL", - "seeAlso": [ - "http://www.tcl.tk/software/tcltk/license.html", - "https://fedoraproject.org/wiki/Licensing/TCL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TCP-wrappers.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TCP-wrappers.json", - "referenceNumber": 293, - "name": "TCP Wrappers License", - "licenseId": "TCP-wrappers", - "seeAlso": [ - "http://rc.quest.com/topics/openssh/license.php#tcpwrappers" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TermReadKey.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TermReadKey.json", - "referenceNumber": 191, - "name": "TermReadKey License", - "licenseId": "TermReadKey", - "seeAlso": [ - "https://github.com/jonathanstowe/TermReadKey/blob/master/README#L9-L10" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TMate.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TMate.json", - "referenceNumber": 231, - "name": "TMate Open Source License", - "licenseId": "TMate", - "seeAlso": [ - "http://svnkit.com/license.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TORQUE-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TORQUE-1.1.json", - "referenceNumber": 25, - "name": "TORQUE v2.5+ Software License v1.1", - "licenseId": "TORQUE-1.1", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/TORQUEv1.1" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TOSL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TOSL.json", - "referenceNumber": 313, - "name": "Trusster Open Source License", - "licenseId": "TOSL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/TOSL" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TPDL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TPDL.json", - "referenceNumber": 331, - "name": "Time::ParseDate License", - "licenseId": "TPDL", - "seeAlso": [ - "https://metacpan.org/pod/Time::ParseDate#LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TPL-1.0.json", - "referenceNumber": 456, - "name": "THOR Public License 1.0", - "licenseId": "TPL-1.0", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing:ThorPublicLicense" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TTWL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TTWL.json", - "referenceNumber": 60, - "name": "Text-Tabs+Wrap License", - "licenseId": "TTWL", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/TTWL", - "https://github.com/ap/Text-Tabs/blob/master/lib.modern/Text/Tabs.pm#L148" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TU-Berlin-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TU-Berlin-1.0.json", - "referenceNumber": 248, - "name": "Technische Universitaet Berlin License 1.0", - "licenseId": "TU-Berlin-1.0", - "seeAlso": [ - "https://github.com/swh/ladspa/blob/7bf6f3799fdba70fda297c2d8fd9f526803d9680/gsm/COPYRIGHT" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/TU-Berlin-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/TU-Berlin-2.0.json", - "referenceNumber": 455, - "name": "Technische Universitaet Berlin License 2.0", - "licenseId": "TU-Berlin-2.0", - "seeAlso": [ - "https://github.com/CorsixTH/deps/blob/fd339a9f526d1d9c9f01ccf39e438a015da50035/licences/libgsm.txt" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/UCAR.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/UCAR.json", - "referenceNumber": 94, - "name": "UCAR License", - "licenseId": "UCAR", - "seeAlso": [ - "https://github.com/Unidata/UDUNITS-2/blob/master/COPYRIGHT" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/UCL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/UCL-1.0.json", - "referenceNumber": 122, - "name": "Upstream Compatibility License v1.0", - "licenseId": "UCL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/UCL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Unicode-DFS-2015.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Unicode-DFS-2015.json", - "referenceNumber": 397, - "name": "Unicode License Agreement - Data Files and Software (2015)", - "licenseId": "Unicode-DFS-2015", - "seeAlso": [ - "https://web.archive.org/web/20151224134844/http://unicode.org/copyright.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Unicode-DFS-2016.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Unicode-DFS-2016.json", - "referenceNumber": 260, - "name": "Unicode License Agreement - Data Files and Software (2016)", - "licenseId": "Unicode-DFS-2016", - "seeAlso": [ - "https://www.unicode.org/license.txt", - "http://web.archive.org/web/20160823201924/http://www.unicode.org/copyright.html#License", - "http://www.unicode.org/copyright.html" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/Unicode-TOU.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Unicode-TOU.json", - "referenceNumber": 281, - "name": "Unicode Terms of Use", - "licenseId": "Unicode-TOU", - "seeAlso": [ - "http://web.archive.org/web/20140704074106/http://www.unicode.org/copyright.html", - "http://www.unicode.org/copyright.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/UnixCrypt.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/UnixCrypt.json", - "referenceNumber": 458, - "name": "UnixCrypt License", - "licenseId": "UnixCrypt", - "seeAlso": [ - "https://foss.heptapod.net/python-libs/passlib/-/blob/branch/stable/LICENSE#L70", - "https://opensource.apple.com/source/JBoss/JBoss-737/jboss-all/jetty/src/main/org/mortbay/util/UnixCrypt.java.auto.html", - "https://archive.eclipse.org/jetty/8.0.1.v20110908/xref/org/eclipse/jetty/http/security/UnixCrypt.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Unlicense.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Unlicense.json", - "referenceNumber": 538, - "name": "The Unlicense", - "licenseId": "Unlicense", - "seeAlso": [ - "https://unlicense.org/" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/UPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/UPL-1.0.json", - "referenceNumber": 379, - "name": "Universal Permissive License v1.0", - "licenseId": "UPL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/UPL" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Vim.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Vim.json", - "referenceNumber": 195, - "name": "Vim License", - "licenseId": "Vim", - "seeAlso": [ - "http://vimdoc.sourceforge.net/htmldoc/uganda.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/VOSTROM.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/VOSTROM.json", - "referenceNumber": 502, - "name": "VOSTROM Public License for Open Source", - "licenseId": "VOSTROM", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/VOSTROM" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/VSL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/VSL-1.0.json", - "referenceNumber": 440, - "name": "Vovida Software License v1.0", - "licenseId": "VSL-1.0", - "seeAlso": [ - "https://opensource.org/licenses/VSL-1.0" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/W3C.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/W3C.json", - "referenceNumber": 280, - "name": "W3C Software Notice and License (2002-12-31)", - "licenseId": "W3C", - "seeAlso": [ - "http://www.w3.org/Consortium/Legal/2002/copyright-software-20021231.html", - "https://opensource.org/licenses/W3C" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/W3C-19980720.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/W3C-19980720.json", - "referenceNumber": 514, - "name": "W3C Software Notice and License (1998-07-20)", - "licenseId": "W3C-19980720", - "seeAlso": [ - "http://www.w3.org/Consortium/Legal/copyright-software-19980720.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/W3C-20150513.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/W3C-20150513.json", - "referenceNumber": 7, - "name": "W3C Software Notice and Document License (2015-05-13)", - "licenseId": "W3C-20150513", - "seeAlso": [ - "https://www.w3.org/Consortium/Legal/2015/copyright-software-and-document" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/w3m.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/w3m.json", - "referenceNumber": 428, - "name": "w3m License", - "licenseId": "w3m", - "seeAlso": [ - "https://github.com/tats/w3m/blob/master/COPYING" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Watcom-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Watcom-1.0.json", - "referenceNumber": 106, - "name": "Sybase Open Watcom Public License 1.0", - "licenseId": "Watcom-1.0", - "seeAlso": [ - "https://opensource.org/licenses/Watcom-1.0" - ], - "isOsiApproved": true, - "isFsfLibre": false - }, - { - "reference": "https://spdx.org/licenses/Widget-Workshop.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Widget-Workshop.json", - "referenceNumber": 143, - "name": "Widget Workshop License", - "licenseId": "Widget-Workshop", - "seeAlso": [ - "https://github.com/novnc/noVNC/blob/master/core/crypto/des.js#L24" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Wsuipa.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Wsuipa.json", - "referenceNumber": 372, - "name": "Wsuipa License", - "licenseId": "Wsuipa", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Wsuipa" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/WTFPL.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/WTFPL.json", - "referenceNumber": 463, - "name": "Do What The F*ck You Want To Public License", - "licenseId": "WTFPL", - "seeAlso": [ - "http://www.wtfpl.net/about/", - "http://sam.zoy.org/wtfpl/COPYING" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/wxWindows.html", - "isDeprecatedLicenseId": true, - "detailsUrl": "https://spdx.org/licenses/wxWindows.json", - "referenceNumber": 221, - "name": "wxWindows Library License", - "licenseId": "wxWindows", - "seeAlso": [ - "https://opensource.org/licenses/WXwindows" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/X11.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/X11.json", - "referenceNumber": 522, - "name": "X11 License", - "licenseId": "X11", - "seeAlso": [ - "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/X11-distribute-modifications-variant.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/X11-distribute-modifications-variant.json", - "referenceNumber": 488, - "name": "X11 License Distribution Modification Variant", - "licenseId": "X11-distribute-modifications-variant", - "seeAlso": [ - "https://github.com/mirror/ncurses/blob/master/COPYING" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Xdebug-1.03.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Xdebug-1.03.json", - "referenceNumber": 411, - "name": "Xdebug License v 1.03", - "licenseId": "Xdebug-1.03", - "seeAlso": [ - "https://github.com/xdebug/xdebug/blob/master/LICENSE" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Xerox.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Xerox.json", - "referenceNumber": 364, - "name": "Xerox License", - "licenseId": "Xerox", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Xerox" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Xfig.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Xfig.json", - "referenceNumber": 173, - "name": "Xfig License", - "licenseId": "Xfig", - "seeAlso": [ - "https://github.com/Distrotech/transfig/blob/master/transfig/transfig.c", - "https://fedoraproject.org/wiki/Licensing:MIT#Xfig_Variant", - "https://sourceforge.net/p/mcj/xfig/ci/master/tree/src/Makefile.am" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/XFree86-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/XFree86-1.1.json", - "referenceNumber": 104, - "name": "XFree86 License 1.1", - "licenseId": "XFree86-1.1", - "seeAlso": [ - "http://www.xfree86.org/current/LICENSE4.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/xinetd.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/xinetd.json", - "referenceNumber": 505, - "name": "xinetd License", - "licenseId": "xinetd", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Xinetd_License" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/xlock.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/xlock.json", - "referenceNumber": 289, - "name": "xlock License", - "licenseId": "xlock", - "seeAlso": [ - "https://fossies.org/linux/tiff/contrib/ras/ras2tif.c" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Xnet.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Xnet.json", - "referenceNumber": 261, - "name": "X.Net License", - "licenseId": "Xnet", - "seeAlso": [ - "https://opensource.org/licenses/Xnet" - ], - "isOsiApproved": true - }, - { - "reference": "https://spdx.org/licenses/xpp.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/xpp.json", - "referenceNumber": 269, - "name": "XPP License", - "licenseId": "xpp", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/xpp" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/XSkat.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/XSkat.json", - "referenceNumber": 407, - "name": "XSkat License", - "licenseId": "XSkat", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/XSkat_License" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/YPL-1.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/YPL-1.0.json", - "referenceNumber": 216, - "name": "Yahoo! Public License v1.0", - "licenseId": "YPL-1.0", - "seeAlso": [ - "http://www.zimbra.com/license/yahoo_public_license_1.0.html" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/YPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/YPL-1.1.json", - "referenceNumber": 283, - "name": "Yahoo! Public License v1.1", - "licenseId": "YPL-1.1", - "seeAlso": [ - "http://www.zimbra.com/license/yahoo_public_license_1.1.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Zed.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Zed.json", - "referenceNumber": 275, - "name": "Zed License", - "licenseId": "Zed", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/Zed" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Zend-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Zend-2.0.json", - "referenceNumber": 69, - "name": "Zend License v2.0", - "licenseId": "Zend-2.0", - "seeAlso": [ - "https://web.archive.org/web/20130517195954/http://www.zend.com/license/2_00.txt" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Zimbra-1.3.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Zimbra-1.3.json", - "referenceNumber": 489, - "name": "Zimbra Public License v1.3", - "licenseId": "Zimbra-1.3", - "seeAlso": [ - "http://web.archive.org/web/20100302225219/http://www.zimbra.com/license/zimbra-public-license-1-3.html" - ], - "isOsiApproved": false, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/Zimbra-1.4.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Zimbra-1.4.json", - "referenceNumber": 421, - "name": "Zimbra Public License v1.4", - "licenseId": "Zimbra-1.4", - "seeAlso": [ - "http://www.zimbra.com/legal/zimbra-public-license-1-4" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/Zlib.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/Zlib.json", - "referenceNumber": 351, - "name": "zlib License", - "licenseId": "Zlib", - "seeAlso": [ - "http://www.zlib.net/zlib_license.html", - "https://opensource.org/licenses/Zlib" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/zlib-acknowledgement.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/zlib-acknowledgement.json", - "referenceNumber": 448, - "name": "zlib/libpng License with Acknowledgement", - "licenseId": "zlib-acknowledgement", - "seeAlso": [ - "https://fedoraproject.org/wiki/Licensing/ZlibWithAcknowledgement" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ZPL-1.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ZPL-1.1.json", - "referenceNumber": 509, - "name": "Zope Public License 1.1", - "licenseId": "ZPL-1.1", - "seeAlso": [ - "http://old.zope.org/Resources/License/ZPL-1.1" - ], - "isOsiApproved": false - }, - { - "reference": "https://spdx.org/licenses/ZPL-2.0.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ZPL-2.0.json", - "referenceNumber": 335, - "name": "Zope Public License 2.0", - "licenseId": "ZPL-2.0", - "seeAlso": [ - "http://old.zope.org/Resources/License/ZPL-2.0", - "https://opensource.org/licenses/ZPL-2.0" - ], - "isOsiApproved": true, - "isFsfLibre": true - }, - { - "reference": "https://spdx.org/licenses/ZPL-2.1.html", - "isDeprecatedLicenseId": false, - "detailsUrl": "https://spdx.org/licenses/ZPL-2.1.json", - "referenceNumber": 454, - "name": "Zope Public License 2.1", - "licenseId": "ZPL-2.1", - "seeAlso": [ - "http://old.zope.org/Resources/ZPL/" - ], - "isOsiApproved": true, - "isFsfLibre": true - } - ], - "releaseDate": "2023-05-17" -} \ No newline at end of file diff --git a/go.mod b/go.mod index c8404a2c..41d10324 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.20 require ( github.com/fatih/color v1.15.0 + github.com/google/uuid v1.6.0 github.com/hokaccha/go-prettyjson v0.0.0-20211117102719-0474bc63780f github.com/iancoleman/orderedmap v0.3.0 github.com/jwangsadinata/go-multimap v0.0.0-20190620162914-c29f3d7f33b6 @@ -16,7 +17,6 @@ require ( require ( github.com/davecgh/go-spew v1.1.1 // indirect - github.com/google/uuid v1.6.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/kr/text v0.2.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect diff --git a/license.json b/license.json deleted file mode 100644 index ca76c52d..00000000 --- a/license.json +++ /dev/null @@ -1,3389 +0,0 @@ -{ - "policies": [ - { - "id": "0BSD", - "name": "BSD Zero Clause License", - "family": "0BSD", - "reference": "https://spdx.org/licenses/0BSD.html", - "osi": true, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "aliases": [ - "Free Public License 1.0.0" - ], - "urls": [ - "https://opensource.org/licenses/0BSD" - ] - }, - { - "id": "", - "name": "Access Grid Toolkit Public License", - "family": "Access-Grid-Toolkit-Public-License", - "reference": "", - "osi": false, - "fsf": false, - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "usagePolicy": "allow", - "urls": [ - "https://www.mcs.anl.gov/research/projects/accessgrid/about/license.html" - ] - }, - { - "id": "Adobe-2006", - "name": "Adobe Systems Incorporated Source Code License Agreement", - "family": "Adobe", - "reference": "https://spdx.org/licenses/Adobe-2006.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/AdobeLicense" - ] - }, - { - "id": "ADSL", - "name": "Amazon Digital Services License", - "family": "ADSL", - "reference": "https://spdx.org/licenses/ADSL.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/AmazonDigitalServicesLicense" - ] - }, - { - "id": "AFL-1.1", - "name": "Academic Free License v1.1", - "family": "AFL", - "reference": "https://spdx.org/licenses/AFL-1.1.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://opensource.linux-mirror.org/licenses/afl-1.1.txt", - "http://wayback.archive.org/web/20021004124254/http://www.opensource.org/licenses/academic.php" - ] - }, - { - "id": "AFL-1.2", - "name": "Academic Free License v1.2", - "family": "AFL", - "reference": "https://spdx.org/licenses/AFL-1.2.json", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://opensource.linux-mirror.org/licenses/afl-1.2.txt", - "http://wayback.archive.org/web/20021204204652/http://www.opensource.org/licenses/academic.php" - ] - }, - { - "id": "AFL-2.0", - "name": "Academic Free License v2.0", - "family": "AFL", - "reference": "https://spdx.org/licenses/AFL-2.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://wayback.archive.org/web/20060924134533/http://www.opensource.org/licenses/afl-2.0.txt" - ] - }, - { - "id": "AFL-2.1", - "name": "Academic Free License v2.1", - "family": "AFL", - "reference": "https://spdx.org/licenses/AFL-2.1.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://opensource.linux-mirror.org/licenses/afl-2.1.txt" - ] - }, - { - "id": "AFL-3.0", - "name": "Academic Free License v3.0", - "family": "AFL", - "reference": "https://spdx.org/licenses/AFL-3.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.rosenlaw.com/AFL3.0.htm", - "https://opensource.org/licenses/afl-3.0" - ] - }, - { - "id": "AGPL-1.0", - "name": "Affero General Public License v1.0", - "family": "AGPL", - "reference": "https://spdx.org/licenses/AGPL-1.0.html", - "osi": false, - "fsf": false, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "AGPL-WARNING" - ], - "urls": [ - "http://www.affero.org/oagpl.html" - ] - }, - { - "id": "AGPL-1.0-only", - "name": "Affero General Public License v1.0 only", - "family": "AGPL", - "reference": "https://spdx.org/licenses/AGPL-1.0-only.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "AGPL-WARNING" - ], - "urls": [ - "http://www.affero.org/oagpl.html" - ] - }, - { - "id": "AGPL-1.0-or-later", - "name": "Affero General Public License v1.0 or later", - "family": "AGPL", - "reference": "https://spdx.org/licenses/AGPL-1.0-or-later.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "AGPL-WARNING" - ], - "urls": [ - "http://www.affero.org/oagpl.html" - ] - }, - { - "id": "AGPL-3.0", - "name": "GNU Affero General Public License v3.0", - "family": "AGPL", - "reference": "https://spdx.org/licenses/AGPL-3.0.html", - "osi": true, - "fsf": true, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "AGPL-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/agpl.txt", - "https://opensource.org/licenses/AGPL-3.0" - ] - }, - { - "id": "AGPL-3.0-only", - "name": "GNU Affero General Public License v3.0 only", - "family": "AGPL", - "reference": "https://spdx.org/licenses/AGPL-3.0-only.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "AGPL-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/agpl.txt", - "https://opensource.org/licenses/AGPL-3.0" - ] - }, - { - "id": "AGPL-3.0-or-later", - "name": "Affero General Public License v3.0 or later", - "family": "AGPL", - "reference": "https://spdx.org/licenses/AGPL-3.0-or-later.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "AGPL-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/agpl.txt", - "https://opensource.org/licenses/AGPL-3.0" - ] - }, - { - "id": "Apache-1.0", - "name": "Apache v1.0", - "family": "Apache", - "reference": "https://spdx.org/licenses/Apache-1.0.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.apache.org/licenses/LICENSE-1.0" - ] - }, - { - "id": "Apache-1.1", - "name": "Apache v1.1", - "family": "Apache", - "reference": "https://spdx.org/licenses/Apache-1.1.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://apache.org/licenses/LICENSE-1.1", - "https://opensource.org/licenses/Apache-1.1" - ], - "notes": [ - "Superseded by Apache-2.0" - ] - }, - { - "id": "Apache-2.0", - "name": "Apache License 2.0", - "family": "Apache", - "reference": "https://spdx.org/licenses/Apache-2.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://www.apache.org/licenses/LICENSE-2.0", - "https://opensource.org/licenses/Apache-2.0" - ], - "aliases": [ - "Apache License, Version 2.0", - "Apache License v. 2.0", - "Apache License Version 2.0", - "Apache Software License v2.0" - ] - }, - { - "id": "APSL-1.0", - "name": "Apple Public Source License 1.0", - "family": "APSL", - "reference": "https://spdx.org/licenses/APSL-1.0.html", - "osi": true, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/Apple_Public_Source_License_1.0" - ] - }, - { - "id": "APSL-1.1", - "name": "Apple Public Source License 1.1", - "family": "APSL", - "reference": "https://spdx.org/licenses/APSL-1.1.html", - "osi": true, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "http://www.opensource.apple.com/source/IOSerialFamily/IOSerialFamily-7/APPLE_LICENSE" - ] - }, - { - "id": "APSL-1.2", - "name": "Apple Public Source License 1.2", - "family": "APSL", - "reference": "https://spdx.org/licenses/APSL-1.2.html", - "osi": true, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "http://www.samurajdata.se/opensource/mirror/licenses/apsl.php" - ] - }, - { - "id": "APSL-2.0", - "name": "Apple Public Source License 2.0", - "family": "APSL", - "reference": "https://spdx.org/licenses/APSL-2.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "http://www.opensource.apple.com/license/apsl/" - ] - }, - { - "id": "", - "name": "Aptogo", - "family": "Aptogo", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "urls": [ - "https://github.com/aptogo/FaceTracker/blob/master/OpenCV.framework/Headers/opencv/cv.hpp" - ], - "notes": [ - "For Open Source Computer Vision Library" - ] - }, - { - "id": "Artistic-1.0", - "name": "Artistic License 1.0", - "family": "Artistic", - "reference": "https://spdx.org/licenses/Artistic-1.0.html", - "osi": true, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/Artistic-1.0" - ] - }, - { - "id": "Artistic-1.0-cl8", - "name": "Artistic License 1.0 w/clause 8", - "family": "Artistic", - "reference": "https://spdx.org/licenses/Artistic-1.0-cl8.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/Artistic-1.0" - ] - }, - { - "id": "Artistic-1.0-Perl", - "name": "Artistic License 1.0 (Perl)", - "family": "Artistic", - "reference": "https://spdx.org/licenses/Artistic-1.0-Perl.html", - "osi": true, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/Artistic-1.0" - ] - }, - { - "id": "Artistic-2.0", - "name": "Artistic License 2.0", - "family": "Artistic", - "reference": "https://spdx.org/licenses/Artistic-2.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.perlfoundation.org/artistic_license_2_0", - "https://www.perlfoundation.org/artistic-license-20.html", - "https://opensource.org/licenses/artistic-license-2.0" - ] - }, - { - "id": "Beerware", - "name": "Beerware License", - "family": "Beerware", - "reference": "https://spdx.org/licenses/Beerware.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/Beerware", - "https://people.freebsd.org/~phk/" - ] - }, - { - "id": "BSD-1-Clause", - "name": "BSD 1-Clause License", - "family": "BSD", - "reference": "https://spdx.org/licenses/BSD-1-Clause.html", - "osi": true, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://svnweb.freebsd.org/base/head/include/ifaddrs.h?revision\u003d326823" - ] - }, - { - "id": "BSD-2-Clause", - "name": "BSD 2-Clause \"Simplified\" License", - "family": "BSD", - "reference": "https://spdx.org/licenses/BSD-2-Clause.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/BSD-2-Clause" - ], - "aliases": [ - "2-clause BSDL" - ] - }, - { - "id": "BSD-2-Clause-FreeBSD", - "name": "BSD 2-Clause FreeBSD License", - "family": "BSD", - "reference": "https://spdx.org/licenses/BSD-2-Clause-FreeBSD.html", - "osi": false, - "fsf": true, - "deprecated": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.freebsd.org/copyright/freebsd-license.html" - ] - }, - { - "id": "BSD-2-Clause-NetBSD", - "name": "BSD 2-Clause NetBSD License", - "family": "BSD", - "reference": "https://spdx.org/licenses/BSD-2-Clause-NetBSD.html", - "osi": false, - "fsf": true, - "deprecated": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.netbsd.org/about/redistribution.html#default" - ] - }, - { - "id": "BSD-2-Clause-Patent", - "name": "BSD-2-Clause Plus Patent License", - "family": "BSD-2-Clause-Plus-Patent-License", - "reference": "https://spdx.org/licenses/BSD-2-Clause-Patent.html", - "osi": true, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://opensource.org/licenses/BSDplusPatent" - ] - }, - { - "id": "BSD-2-Clause-Views", - "name": "BSD 2-Clause with views sentence", - "family": "BSD-2-Clause-with-views-sentence", - "reference": "https://spdx.org/licenses/BSD-2-Clause-Views.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "http://www.freebsd.org/copyright/freebsd-license.html", - "https://people.freebsd.org/~ivoras/wine/patch-wine-nvidia.sh", - "https://github.com/protegeproject/protege/blob/master/license.txt" - ] - }, - { - "id": "BSD-3-Clause", - "name": "BSD 3-Clause \"New\" or \"Revised\" License", - "family": "BSD", - "reference": "https://spdx.org/licenses/BSD-3-Clause.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/BSD-3-Clause", - "https://www.eclipse.org/org/documents/edl-v10.php" - ], - "aliases": [ - "BSD 3-clause \"New\" License", - "New BSD License", - "Modified BSD License" - ] - }, - { - "id": "BSD-3-Clause-Attribution", - "name": "BSD with attribution", - "family": "BSD", - "reference": "https://spdx.org/licenses/BSD-3-Clause-Attribution.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/BSD_with_Attribution" - ] - }, - { - "id": "BSD-3-Clause-Clear", - "name": "BSD 3-Clause Clear License", - "family": "BSD", - "reference": "https://spdx.org/licenses/BSD-3-Clause-Clear.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://labs.metacarta.com/license-explanation.html#license" - ] - }, - { - "id": "BSD-3-Clause-No-Military-License", - "name": "BSD 3-Clause No Military License", - "family": "BSD-3-Clause-No-Military-License", - "reference": "https://spdx.org/licenses/BSD-3-Clause-No-Military-License.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://gitlab.syncad.com/hive/dhive/-/blob/master/LICENSE", - "https://github.com/greymass/swift-eosio/blob/master/LICENSE" - ] - }, - { - "id": "BSD-3-Clause-No-Nuclear-License", - "name": "BSD 3-Clause No Nuclear", - "family": "BSD-3-Clause-No-Nuclear", - "reference": "https://spdx.org/licenses/BSD-3-Clause-No-Nuclear-License.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "http://download.oracle.com/otn-pub/java/licenses/bsd.txt?AuthParam\u003d1467140197_43d516ce1776bd08a58235a7785be1cc" - ] - }, - { - "id": "BSD-3-Clause-No-Nuclear-License-2014", - "name": "BSD 3-Clause No Nuclear License 2014", - "family": "BSD-3-Clause-No-Nuclear", - "reference": "https://spdx.org/licenses/BSD-3-Clause-No-Nuclear-License-2014.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://java.net/projects/javaeetutorial/pages/BerkeleyLicense" - ] - }, - { - "id": "BSD-3-Clause-No-Nuclear-Warranty", - "name": "BSD 3-Clause No Nuclear Warranty", - "family": "BSD-3-Clause-No-Nuclear", - "reference": "https://spdx.org/licenses/BSD-3-Clause-No-Nuclear-Warranty.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://jogamp.org/git/?p\u003dgluegen.git;a\u003dblob_plain;f\u003dLICENSE.txt" - ] - }, - { - "id": "BSD-3-Clause-Open-MPI", - "name": "BSD 3-Clause Open MPI variant", - "family": "BSD-3-Clause-Open-MPI-variant", - "reference": "https://spdx.org/licenses/BSD-3-Clause-Open-MPI.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://www.open-mpi.org/community/license.php", - "http://www.netlib.org/lapack/LICENSE.txt" - ] - }, - { - "id": "BSD-4-Clause", - "name": "BSD 4-Clause \"Original\" or \"Old\" License", - "family": "BSD", - "reference": "https://spdx.org/licenses/BSD-4-Clause.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://directory.fsf.org/wiki/License:BSD_4Clause" - ] - }, - { - "id": "BSD-4-Clause-Shortened", - "name": "BSD 4 Clause Shortened", - "family": "BSD-4-Clause-Shortened", - "reference": "https://spdx.org/licenses/BSD-4-Clause-Shortened.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://metadata.ftp-master.debian.org/changelogs//main/a/arpwatch/arpwatch_2.1a15-7_copyright" - ] - }, - { - "id": "BSD-4-Clause-UC", - "name": "BSD-4-Clause (University of California-Specific)", - "family": "BSD-4-Clause-UC", - "reference": "https://spdx.org/licenses/BSD-4-Clause-UC.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "http://www.freebsd.org/copyright/license.html" - ] - }, - { - "id": "BSD-4.3RENO", - "name": "BSD 4.3 RENO License", - "family": "BSD-4.3", - "reference": "https://spdx.org/licenses/BSD-4.3RENO.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://sourceware.org/git/?p\u003dbinutils-gdb.git;a\u003dblob;f\u003dlibiberty/strcasecmp.c;h\u003d131d81c2ce7881fa48c363dc5bf5fb302c61ce0b;hb\u003dHEAD" - ] - }, - { - "id": "BSD-4.3TAHOE", - "name": "BSD 4.3 TAHOE License", - "family": "BSD-4.3", - "reference": "https://spdx.org/licenses/BSD-4.3TAHOE.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://github.com/389ds/389-ds-base/blob/main/ldap/include/sysexits-compat.h#L15", - "https://git.savannah.gnu.org/cgit/indent.git/tree/doc/indent.texi?id\u003da74c6b4ee49397cf330b333da1042bffa60ed14f#n1788" - ] - }, - { - "id": "BSD-Advertising-Acknowledgement", - "name": "BSD Advertising Acknowledgement License", - "family": "BSD-Advertising-Acknowledgement", - "reference": "https://spdx.org/licenses/BSD-Advertising-Acknowledgement.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://github.com/python-excel/xlrd/blob/master/LICENSE#L33" - ] - }, - { - "id": "BSD-Attribution-HPND-disclaimer", - "name": "BSD with Attribution and HPND disclaimer", - "family": "BSD-Attribution-HPND-disclaimer", - "reference": "https://spdx.org/licenses/BSD-Attribution-HPND-disclaimer.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://github.com/cyrusimap/cyrus-sasl/blob/master/COPYING" - ] - }, - { - "id": "BSD-Protection", - "name": "BSD Protection License", - "family": "BSD-Protection", - "reference": "https://spdx.org/licenses/BSD-Protection.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/BSD_Protection_License" - ] - }, - { - "id": "BSD-Source-Code", - "name": "BSD Source Code Attribution", - "family": "BSD-Source-Code", - "reference": "https://spdx.org/licenses/BSD-Source-Code.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://github.com/robbiehanson/CocoaHTTPServer/blob/master/LICENSE.txt" - ] - }, - { - "id": "", - "name": "BSD-equivalent", - "family": "BSD-equivalent", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "notes": [ - "No SPDX IDs for 18 \"BSD-equivalent\" variants listed here:", - "BSD Facebook", - "BSD Google Patents File", - "BSD Antlr", - "BSD Bootstrap", - "BSD Bzip2", - "BSD DOM4J", - "BSD Eclipse Distribution License (EDL)", - "BSD HSQLDB", - "BSD Infozip", - "BSD Jaxen", - "BSD JSch", - "BSD NetSNMP", - "BSD OpenLayers", - "BSD Openssl", - "BSD Rene Nyffenegger license", - "BSD Sqlite3-ruby", - "BSD XStream", - "BSD YUI" - ] - }, - { - "id": "BSL-1.0", - "name": "Boost Software License 1.0", - "family": "BSL", - "reference": "https://spdx.org/licenses/BSL-1.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.boost.org/LICENSE_1_0.txt", - "https://opensource.org/licenses/BSL-1.0" - ], - "notes": [ - "boost C++ libraries" - ] - }, - { - "id": "bzip2-1.0.6", - "name": "bzip2 and libbzip2 License v1.0.6", - "family": "bzip2", - "reference": "https://spdx.org/licenses/bzip2-1.0.6.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://sourceware.org/git/?p\u003dbzip2.git;a\u003dblob;f\u003dLICENSE;hb\u003dbzip2-1.0.6", - "http://bzip.org/1.0.5/bzip2-manual-1.0.5.html" - ] - }, - { - "id": "CC0-1.0", - "name": "Creative Commons Zero v1.0 Universal", - "family": "CC0", - "reference": "https://spdx.org/licenses/CC0-1.0.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://creativecommons.org/publicdomain/zero/1.0/legalcode" - ] - }, - { - "id": "", - "name": "Creative Commons Attribution", - "family": "CC-BY", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "CC-BY-SAAS", - "CC-BY-ON-PREM" - ], - "children": [ - "CC-BY-1.0", - "CC-BY-2.0", - "CC-BY-2.5", - "CC-BY-2.5-AU", - "CC-BY-3.0", - "CC-BY-3.0-AT", - "CC-BY-3.0-DE", - "CC-BY-3.0-IGO", - "CC-BY-3.0-NL", - "CC-BY-3.0-US" - ], - "urls": [ - "https://spdx.org/licenses/CC-BY-1.0.html", - "https://creativecommons.org/licenses/by/1.0/legalcode", - "https://spdx.org/licenses/CC-BY-2.0.html", - "https://creativecommons.org/licenses/by/2.0/legalcode", - "https://spdx.org/licenses/CC-BY-2.5.html", - "https://creativecommons.org/licenses/by/2.5/legalcode", - "https://spdx.org/licenses/CC-BY-2.5-AU.html", - "https://creativecommons.org/licenses/by/2.5/au/legalcode", - "https://spdx.org/licenses/CC-BY-3.0.html", - "https://creativecommons.org/licenses/by/3.0/legalcode", - "https://spdx.org/licenses/CC-BY-3.0-AT.html", - "https://creativecommons.org/licenses/by/3.0/at/legalcode", - "https://spdx.org/licenses/CC-BY-3.0-DE.html", - "https://creativecommons.org/licenses/by/3.0/de/legalcode", - "https://spdx.org/licenses/CC-BY-3.0-IGO.html", - "https://creativecommons.org/licenses/by/3.0/igo/legalcode", - "https://spdx.org/licenses/CC-BY-3.0-NL.html", - "https://creativecommons.org/licenses/by/3.0/nl/legalcode", - "https://spdx.org/licenses/CC-BY-3.0-US.html", - "https://creativecommons.org/licenses/by/3.0/us/legalcode" - ] - }, - { - "id": "CC-BY-4.0", - "name": "Creative Commons Attribution 4.0 International", - "family": "CC-BY-4.0", - "reference": "https://spdx.org/licenses/CC-BY-4.0.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "CC-BY-SAAS", - "CC-BY-ON-PREM" - ], - "urls": [ - "https://creativecommons.org/licenses/by/4.0/legalcode" - ] - }, - { - "id": "", - "name": "Creative Commons Attribution Non Commercial", - "family": "CC-BY-NC", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "deny", - "annotationRefs": [ - "PROHIBITED" - ], - "children": [ - "CC-BY-NC-1.0", - "CC-BY-NC-2.0", - "CC-BY-NC-2.5", - "CC-BY-NC-3.0", - "CC-BY-NC-3.0-DE", - "CC-BY-NC-4.0" - ], - "urls": [ - "https://spdx.org/licenses/CC-BY-NC-1.0.html", - "https://creativecommons.org/licenses/by-nc/1.0/legalcode", - "https://spdx.org/licenses/CC-BY-NC-2.0.html", - "https://creativecommons.org/licenses/by-nc/2.0/legalcode", - "https://spdx.org/licenses/CC-BY-NC-2.5.html", - "https://creativecommons.org/licenses/by-nc/2.5/legalcode", - "https://spdx.org/licenses/CC-BY-NC-3.0.html", - "https://creativecommons.org/licenses/by-nc/3.0/legalcode", - "https://spdx.org/licenses/CC-BY-NC-3.0-DE.html", - "https://creativecommons.org/licenses/by-nc/3.0/de/legalcode", - "https://spdx.org/licenses/CC-BY-NC-4.0.html", - "https://creativecommons.org/licenses/by-nc/4.0/legalcode" - ], - "notes": [ - "Needs IP legal determination for language-specific variants" - ] - }, - { - "id": "", - "name": "Creative Commons Attribution Non Commercial", - "family": "CC-BY-NC-ND", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "deny", - "annotationRefs": [ - "PROHIBITED" - ], - "children": [ - "CC-BY-NC-ND-1.0", - "CC-BY-NC-ND-2.0", - "CC-BY-NC-ND-2.5", - "CC-BY-NC-ND-3.0", - "CC-BY-NC-ND-3.0-DE", - "CC-BY-NC-ND-3.0-IGO", - "CC-BY-NC-ND-4.0" - ], - "urls": [ - "https://spdx.org/licenses/CC-BY-NC-ND-1.0.html", - "https://creativecommons.org/licenses/by-nd-nc/1.0/legalcode", - "https://spdx.org/licenses/CC-BY-NC-ND-2.0.html", - "https://creativecommons.org/licenses/by-nc-nd/2.0/legalcode", - "https://spdx.org/licenses/CC-BY-NC-ND-2.5.html", - "https://creativecommons.org/licenses/by-nc-nd/2.5/legalcode", - "https://spdx.org/licenses/CC-BY-NC-ND-3.0.html", - "https://creativecommons.org/licenses/by-nc-nd/3.0/legalcode", - "https://spdx.org/licenses/CC-BY-NC-ND-3.0-DE.html", - "https://creativecommons.org/licenses/by-nc-nd/3.0/de/legalcode", - "https://spdx.org/licenses/CC-BY-NC-ND-3.0-IGO.html", - "https://creativecommons.org/licenses/by-nc-nd/3.0/igo/legalcode", - "https://spdx.org/licenses/CC-BY-NC-ND-4.0.html", - "https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode" - ], - "notes": [ - "Needs IP legal determination for language-specific variants" - ] - }, - { - "id": "", - "name": "Creative Commons Attribution Non Commercial", - "family": "CC-BY-NC-SA", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "deny", - "annotationRefs": [ - "PROHIBITED" - ], - "children": [ - "CC-BY-NC-SA-1.0", - "CC-BY-NC-SA-2.0", - "CC-BY-NC-SA-2.0-DE", - "CC-BY-NC-SA-2.0-FR", - "CC-BY-NC-SA-2.0-UK", - "CC-BY-NC-SA-2.5", - "CC-BY-NC-SA-3.0", - "CC-BY-NC-SA-3.0-DE", - "CC-BY-NC-SA-3.0-IGO", - "CC-BY-NC-SA-4.0" - ], - "urls": [ - "https://spdx.org/licenses/CC-BY-NC-SA-1.0.html", - "https://creativecommons.org/licenses/by-nc-sa/1.0/legalcode", - "https://spdx.org/licenses/CC-BY-NC-SA-2.0.html", - "https://creativecommons.org/licenses/by-nc-sa/2.0/legalcode", - "https://spdx.org/licenses/CC-BY-NC-SA-2.0-DE.html", - "https://creativecommons.org/licenses/by-nc-sa/2.0/de/legalcode", - "https://spdx.org/licenses/CC-BY-NC-SA-2.0-FR.html", - "https://creativecommons.org/licenses/by-nc-sa/2.0/fr/legalcode", - "https://spdx.org/licenses/CC-BY-NC-SA-2.0-UK.html", - "https://creativecommons.org/licenses/by-nc-sa/2.0/uk/legalcode", - "https://spdx.org/licenses/CC-BY-NC-SA-2.5.html", - "https://creativecommons.org/licenses/by-nc-sa/2.5/legalcode", - "https://spdx.org/licenses/CC-BY-NC-SA-3.0.html", - "https://creativecommons.org/licenses/by-nc-sa/3.0/legalcode", - "https://spdx.org/licenses/CC-BY-NC-SA-3.0-DE.html", - "https://creativecommons.org/licenses/by-nc-sa/3.0/de/legalcode", - "https://spdx.org/licenses/CC-BY-NC-SA-3.0-IGO.html", - "https://creativecommons.org/licenses/by-nc-sa/3.0/igo/legalcode", - "https://spdx.org/licenses/CC-BY-NC-SA-4.0.html", - "https://creativecommons.org/licenses/by-nc-sa/4.0/legalcode" - ], - "notes": [ - "Needs IP legal determination for language-specific variants" - ] - }, - { - "id": "", - "name": "Creative Commons Attribution No Derivatives", - "family": "CC-BY-ND", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "children": [ - "CC-BY-ND-1.0", - "CC-BY-ND-2.0", - "CC-BY-ND-2.5", - "CC-BY-ND-3.0", - "CC-BY-ND-3.0-DE", - "CC-BY-ND-4.0" - ], - "urls": [ - "https://spdx.org/licenses/CC-BY-ND-1.0.html", - "https://creativecommons.org/licenses/by-nd/1.0/legalcode", - "https://spdx.org/licenses/CC-BY-ND-2.0.html", - "https://creativecommons.org/licenses/by-nd/2.0/legalcode", - "https://spdx.org/licenses/CC-BY-ND-2.5.html", - "https://creativecommons.org/licenses/by-nd/2.5/legalcode", - "https://spdx.org/licenses/CC-BY-ND-3.0.html", - "https://creativecommons.org/licenses/by-nd/3.0/legalcode", - "https://spdx.org/licenses/CC-BY-ND-3.0-DE.html", - "https://creativecommons.org/licenses/by-nd/3.0/de/legalcode", - "https://spdx.org/licenses/CC-BY-ND-4.0.html", - "https://creativecommons.org/licenses/by-nd/4.0/legalcode" - ], - "notes": [ - "Needs IP legal determination for language-specific variants" - ] - }, - { - "id": "", - "name": "Creative Commons Attribution Share Alike", - "family": "CC-BY-SA", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "children": [ - "CC-BY-SA-1.0", - "CC-BY-SA-2.0", - "CC-BY-SA-2.0-UK", - "CC-BY-SA-2.1-JP", - "CC-BY-SA-2.5", - "CC-BY-SA-3.0", - "CC-BY-SA-3.0-AT", - "CC-BY-SA-3.0-DE", - "CC-BY-SA-3.0-IGO" - ], - "urls": [ - "https://spdx.org/licenses/CC-BY-SA-1.0.html", - "https://creativecommons.org/licenses/by-sa/1.0/legalcode", - "https://spdx.org/licenses/CC-BY-SA-2.0.html", - "https://creativecommons.org/licenses/by-sa/2.0/legalcode", - "https://spdx.org/licenses/CC-BY-SA-2.0-UK.html", - "https://creativecommons.org/licenses/by-sa/2.0/uk/legalcode", - "https://spdx.org/licenses/CC-BY-SA-2.1-JP.html", - "https://creativecommons.org/licenses/by-sa/2.1/jp/legalcode", - "https://spdx.org/licenses/CC-BY-SA-2.5.html", - "https://creativecommons.org/licenses/by-sa/2.5/legalcode", - "https://spdx.org/licenses/CC-BY-SA-3.0.html", - "https://creativecommons.org/licenses/by-sa/3.0/legalcode", - "https://spdx.org/licenses/CC-BY-SA-3.0-AT.html", - "https://creativecommons.org/licenses/by-sa/3.0/at/legalcode", - "https://spdx.org/licenses/CC-BY-SA-3.0-DE.html", - "https://creativecommons.org/licenses/by-sa/3.0/de/legalcode", - "https://spdx.org/licenses/CC-BY-SA-3.0-IGO.html", - "https://creativecommons.org/licenses/by-sa/3.0/igo/legalcode" - ], - "notes": [ - "Needs IP legal determination for language-specific variants", - "This license requires separately licensed code and also includes copyleft terms." - ] - }, - { - "id": "CC-BY-SA-4.0", - "name": "Creative Commons Attribution Share Alike 4.0 International", - "family": "CC-BY-SA-4.0", - "reference": "https://spdx.org/licenses/CC-BY-SA-4.0.html", - "osi": false, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://creativecommons.org/licenses/by-sa/4.0/legalcode" - ], - "notes": [ - "This license requires separately licensed code and also includes copyleft terms." - ] - }, - { - "id": "CC-PDDC", - "name": "Creative Commons Public Domain Dedication and Certification", - "family": "CC-PDDC", - "reference": "https://spdx.org/licenses/CC-PDDC.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://creativecommons.org/licenses/publicdomain/" - ], - "notes": [ - "The \"CC-PDDC\" family assures this license is not confused with other \"CC-\" licenses" - ] - }, - { - "id": "CDDL-1.0", - "name": "Common Development and Distribution License 1.0", - "family": "CDDL", - "reference": "https://spdx.org/licenses/CDDL-1.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/cddl1" - ] - }, - { - "id": "CDDL-1.1", - "name": "Common Development and Distribution License 1.1", - "family": "CDDL", - "reference": "https://spdx.org/licenses/CDDL-1.1.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://glassfish.java.net/public/CDDL+GPL_1_1.html", - "https://javaee.github.io/glassfish/LICENSE" - ] - }, - { - "id": "CDLA-Permissive-1.0", - "name": "Community Data License Agreement Permissive 1.0", - "family": "CDLA", - "reference": "https://spdx.org/licenses/CDLA-Permissive-1.0.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "CDLA-PERMISSIVE", - "NEEDS-LEGAL-REVIEW-PII" - ], - "urls": [ - "https://cdla.io/permissive-1-0" - ] - }, - { - "id": "CDLA-Permissive-2.0", - "name": "Community Data License Agreement Permissive 2.0", - "family": "CDLA", - "reference": "https://spdx.org/licenses/CDLA-Permissive-2.0.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "CDLA-PERMISSIVE", - "NEEDS-LEGAL-REVIEW-PII" - ], - "urls": [ - "https://cdla.dev/permissive-2-0" - ] - }, - { - "id": "CDLA-Sharing-1.0", - "name": "Community Data License Agreement Sharing 1.0", - "family": "CDLA", - "reference": "https://spdx.org/licenses/CDLA-Sharing-1.0.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "CDLA-SHARING", - "NEEDS-LEGAL-REVIEW-PII" - ], - "urls": [ - "https://cdla.io/sharing-1-0" - ] - }, - { - "id": "ClArtistic", - "name": "Clarified Artistic License", - "family": "ClArtistic", - "reference": "https://spdx.org/licenses/ClArtistic.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://gianluca.dellavedova.org/2011/01/03/clarified-artistic-license/", - "http://www.ncftp.com/ncftp/doc/LICENSE.txt" - ] - }, - { - "id": "", - "name": "Commons-Clause", - "family": "Commons-Clause", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "urls": [ - "https://github.com/spdx/license-list-XML/issues/902" - ], - "notes": [ - "The SPDX community actively decided not to grant this license an SPDX ID" - ] - }, - { - "id": "CPL-1.0", - "name": "Common Public License 1.0", - "family": "CPL", - "reference": "https://spdx.org/licenses/CPL-1.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/CPL-1.0" - ] - }, - { - "id": "CPOL-1.02", - "name": "Code Project Open License 1.02", - "family": "CPOL", - "reference": "https://spdx.org/licenses/CPOL-1.02.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "http://www.codeproject.com/info/cpol10.aspx" - ] - }, - { - "id": "curl", - "name": "curl License", - "family": "curl", - "reference": "https://spdx.org/licenses/curl.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://github.com/bagder/curl/blob/master/COPYING" - ] - }, - { - "id": "", - "name": "CWI license", - "family": "CWI", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "urls": [ - "https://nethackwiki.com/wiki/CWI_license" - ], - "notes": [ - "The CWI license was applied to early releases of Hack" - ] - }, - { - "id": "ECL-1.0", - "name": "Educational Community License v1.0", - "family": "ECL-1.0", - "reference": "https://spdx.org/licenses/ECL-1.0.html", - "osi": true, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://opensource.org/licenses/ECL-1.0" - ] - }, - { - "id": "ECL-2.0", - "name": "Educational Community License v2.0", - "family": "ECL-2.0", - "reference": "https://spdx.org/licenses/ECL-2.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/ECL-2.0" - ] - }, - { - "id": "eGenix", - "name": "eGenix.com Public License 1.1.0", - "family": "eGenix", - "reference": "https://spdx.org/licenses/eGenix.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.egenix.com/products/eGenix.com-Public-License-1.1.0.pdf", - "https://fedoraproject.org/wiki/Licensing/eGenix.com_Public_License_1.1.0" - ] - }, - { - "id": "Elastic-2.0", - "name": "Elastic License 2.0", - "family": "Elastic", - "reference": "https://spdx.org/licenses/Elastic-2.0.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.elastic.co/licensing/elastic-license", - "https://github.com/elastic/elasticsearch/blob/master/licenses/ELASTIC-LICENSE-2.0.txt" - ], - "aliases": [ - "ELv2" - ] - }, - { - "id": "EPL-1.0", - "name": "Eclipse Public License 1.0", - "family": "EPL", - "reference": "https://spdx.org/licenses/EPL-1.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.eclipse.org/legal/epl-v10.html", - "https://opensource.org/licenses/EPL-1.0" - ] - }, - { - "id": "", - "name": "Eclipse Public License 1.1", - "family": "EPL-1.1", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "notes": [ - "An SPDX exists for EPL-1.0; however, custom scans identified a v1.1 variant not in SPDX" - ] - }, - { - "id": "EPL-2.0", - "name": "Eclipse Public License 2.0", - "family": "EPL", - "reference": "https://spdx.org/licenses/EPL-2.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://www.eclipse.org/legal/epl-2.0", - "https://www.opensource.org/licenses/EPL-2.0" - ] - }, - { - "id": "ErlPL-1.1", - "name": "Erlang Public License v1.1", - "family": "ErlPL", - "reference": "https://spdx.org/licenses/ErlPL-1.1.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.erlang.org/EPLICENSE" - ] - }, - { - "id": "EUPL-1.0", - "name": "European Union Public License 1.0", - "family": "EUPL", - "reference": "https://spdx.org/licenses/EUPL-1.0.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "http://ec.europa.eu/idabc/en/document/7330.html", - "http://ec.europa.eu/idabc/servlets/Doc027f.pdf?id\u003d31096" - ] - }, - { - "id": "EUPL-1.1", - "name": "European Union Public License 1.1", - "family": "EUPL", - "reference": "https://spdx.org/licenses/EUPL-1.1.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://joinup.ec.europa.eu/software/page/eupl/licence-eupl", - "https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/eupl1.1.-licence-en_0.pdf", - "https://opensource.org/licenses/EUPL-1.1" - ] - }, - { - "id": "EUPL-1.2", - "name": "European Union Public License 1.2", - "family": "EUPL", - "reference": "https://spdx.org/licenses/EUPL-1.2.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://joinup.ec.europa.eu/page/eupl-text-11-12", - "https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/eupl_v1.2_en.pdf", - "https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/2020-03/EUPL-1.2%20EN.txt", - "https://joinup.ec.europa.eu/sites/default/files/inline-files/EUPL%20v1_2%20EN(1).txt", - "http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri\u003dCELEX:32017D0863", - "https://opensource.org/licenses/EUPL-1.2" - ] - }, - { - "id": "FSFAP", - "name": "FSF All Permissive License", - "family": "FSFAP", - "reference": "https://spdx.org/licenses/FSFAP.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://www.gnu.org/prep/maintain/html_node/License-Notices-for-Other-Files.html" - ] - }, - { - "id": "FTL", - "name": "Freetype Project License", - "family": "FTL", - "reference": "https://spdx.org/licenses/FTL.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://freetype.fis.uniroma2.it/FTL.TXT", - "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/docs/FTL.TXT", - "http://gitlab.freedesktop.org/freetype/freetype/-/raw/master/docs/FTL.TXT" - ] - }, - { - "id": "GFDL-1.1", - "name": "GNU Free Documentation License v1.1", - "family": "GFDL-1.1", - "reference": "https://spdx.org/licenses/GFDL-1.1.html", - "osi": false, - "fsf": true, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ] - }, - { - "id": "GFDL-1.1-invariants-only", - "name": "GNU Free Documentation License v1.1 only - invariants", - "family": "GFDL-1.1", - "reference": "https://spdx.org/licenses/GFDL-1.1-invariants-only.html", - "osi": false, - "fsf": false, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ] - }, - { - "id": "GFDL-1.1-invariants-or-later", - "name": "GNU Free Documentation License v1.1 or later - invariants", - "family": "GFDL-1.1", - "reference":"https://spdx.org/licenses/GFDL-1.1-invariants-or-later.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ] - }, - { - "id": "GFDL-1.1-no-invariants-only", - "name": "GNU Free Documentation License v1.1 only - no invariants", - "family": "GFDL-1.1", - "reference":"https://spdx.org/licenses/GFDL-1.1-no-invariants-only.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ] - }, - { - "id": "GFDL-1.1-no-invariants-or-later", - "name": "GNU Free Documentation License v1.1 or later - no invariants", - "family": "GFDL-1.1", - "reference": "https://spdx.org/licenses/GFDL-1.1-no-invariants-or-later.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ] - }, - { - "id": "GFDL-1.1-only", - "name": "GNU Free Documentation License v1.1 only", - "family": "GFDL-1.1", - "reference": "https://spdx.org/licenses/GFDL-1.1-only.html", - "osi": false, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ] - }, - { - "id": "GFDL-1.1-or-later", - "name": "GNU Free Documentation License v1.1 or later", - "family": "GFDL-1.1", - "reference": "https://spdx.org/licenses/GFDL-1.1-or-later.html", - "osi": false, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.1.txt" - ] - }, - { - "id": "GFDL-1.2", - "name": "GNU Free Documentation License v1.2", - "family": "GFDL-1.2", - "reference": "https://spdx.org/licenses/GFDL-1.2.html", - "osi": false, - "fsf": true, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ] - }, - { - "id": "GFDL-1.2-invariants-only", - "name": "GNU Free Documentation License v1.2 only - invariants", - "family": "GFDL-1.2", - "reference": "https://spdx.org/licenses/GFDL-1.2-invariants-only.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ] - }, - { - "id": "GFDL-1.2-invariants-or-later", - "name": "GNU Free Documentation License v1.2 or later - invariants", - "family": "GFDL-1.2", - "reference": "https://spdx.org/licenses/GFDL-1.2-invariants-or-later.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ] - }, - { - "id": "GFDL-1.2-no-invariants-only", - "name": "GNU Free Documentation License v1.2 only - no invariants", - "family": "GFDL-1.2", - "reference": "https://spdx.org/licenses/GFDL-1.2-no-invariants-only.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ] - }, - { - "id": "GFDL-1.2-no-invariants-or-later", - "name": "GNU Free Documentation License v1.2 or later - no invariants", - "family": "GFDL-1.2", - "reference": "https://spdx.org/licenses/GFDL-1.2-no-invariants-or-later.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ] - }, - { - "id": "GFDL-1.2-only", - "name": "GNU Free Documentation License v1.2 only", - "family": "GFDL-1.2", - "reference": "https://spdx.org/licenses/GFDL-1.2-only.html", - "osi": false, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ] - }, - { - "id": "GFDL-1.2-or-later", - "name": "GNU Free Documentation License v1.2 or later", - "family": "GFDL-1.2", - "reference": "https://spdx.org/licenses/GFDL-1.2-or-later.html", - "osi": false, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/fdl-1.2.txt" - ] - }, - { - "id": "GFDL-1.3", - "name": "GNU Free Documentation License v1.3", - "family": "GFDL-1.3", - "reference": "https://spdx.org/licenses/GFDL-1.3.html", - "osi": false, - "fsf": true, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ] - }, - { - "id": "GFDL-1.3-invariants-only", - "name": "GNU Free Documentation License v1.3 only - invariants", - "family": "GFDL-1.3", - "reference": "https://spdx.org/licenses/GFDL-1.3-invariants-only.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ] - }, - { - "id": "GFDL-1.3-invariants-or-later", - "name": "GNU Free Documentation License v1.3 or later - invariants", - "family": "GFDL-1.3", - "reference": "https://spdx.org/licenses/GFDL-1.3-invariants-or-later.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ] - }, - { - "id": "GFDL-1.3-no-invariants-only", - "name": "GNU Free Documentation License v1.3 only - no invariants", - "family": "GFDL-1.3", - "reference": "https://spdx.org/licenses/GFDL-1.3-no-invariants-only.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ] - }, - { - "id": "GFDL-1.3-no-invariants-or-later", - "name": "GNU Free Documentation License v1.3 or later - no invariants", - "family": "GFDL-1.3", - "reference": "https://spdx.org/licenses/GFDL-1.3-no-invariants-or-later.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ] - }, - { - "id": "GFDL-1.3-only", - "name": "GNU Free Documentation License v1.3 only", - "family": "GFDL-1.3", - "reference": "https://spdx.org/licenses/GFDL-1.3-only.html", - "osi": false, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ] - }, - { - "id": "GFDL-1.3-or-later", - "name": "GNU Free Documentation License v1.3 or later", - "family": "GFDL-1.3", - "reference": "https://spdx.org/licenses/GFDL-1.3-or-later.html", - "osi": false, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.gnu.org/licenses/fdl-1.3.txt" - ] - }, - { - "id": "", - "name": "Google Patents File", - "family": "Google-Patents-File", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "notes": [ - "Recognizes additions to the Google BSD license" - ] - }, - { - "id": "GPL-1.0", - "name": "GNU General Public License v1.0 only", - "family": "GPL-1.0", - "reference": "https://spdx.org/licenses/GPL-1.0.html", - "osi": false, - "fsf": false, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/gpl-1.0-standalone.html" - ] - }, - { - "id": "GPL-1.0-only", - "name": "GNU General Public License v1.0 only", - "family": "GPL-1.0", - "reference": "https://spdx.org/licenses/GPL-1.0-only.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/gpl-1.0-standalone.html" - ] - }, - { - "id": "GPL-1.0-or-later", - "name": "GNU General Public License v1.0 or later", - "family": "GPL-1.0", - "reference": "https://spdx.org/licenses/GPL-1.0-or-later.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/gpl-1.0-standalone.html" - ] - }, - { - "id": "GPL-2.0", - "name": "GNU General Public License v2.0 only", - "family": "GPL-2.0", - "reference": "https://spdx.org/licenses/GPL-2.0.html", - "osi": true, - "fsf": true, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "https://opensource.org/licenses/GPL-2.0" - ] - }, - { - "id": "GPL-2.0-only", - "name": "GNU General Public License v2.0 only", - "family": "GPL-2.0", - "reference": "https://spdx.org/licenses/GPL-2.0-only.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "https://opensource.org/licenses/GPL-2.0" - ] - }, - { - "id": "GPL-2.0-or-later", - "name": "GNU General Public License v2.0 or later", - "family": "GPL-2.0", - "reference": "https://spdx.org/licenses/GPL-2.0-or-later.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "https://opensource.org/licenses/GPL-2.0" - ] - }, - { - "id": "GPL-3.0", - "name": "GNU General Public License v3.0 only", - "family": "GPL-3.0", - "reference": "https://spdx.org/licenses/GPL-3.0.html", - "osi": true, - "fsf": true, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/gpl-3.0-standalone.html", - "https://opensource.org/licenses/GPL-3.0" - ] - }, - { - "id": "GPL-3.0-only", - "name": "GNU General Public License v3.0 only", - "family": "GPL-3.0", - "reference": "https://spdx.org/licenses/GPL-3.0-only.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/gpl-3.0-standalone.html", - "https://opensource.org/licenses/GPL-3.0" - ] - }, - { - "id": "GPL-3.0-or-later", - "name": "GNU General Public License v3.0 or later", - "family": "GPL", - "reference": "https://spdx.org/licenses/GPL-3.0-or-later.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/gpl-3.0-standalone.html", - "https://opensource.org/licenses/GPL-3.0" - ] - }, - { - "id": "GPL-3.0-with-GCC-exception", - "name": "GNU General Public License (GPL) w/GCC Runtime Library exception", - "family": "GPL-3.0", - "reference": "https://spdx.org/licenses/GPL-3.0-with-GCC-exception.html", - "osi": true, - "fsf": false, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "GPL-LINK-WARNING", - "NEEDS-LEGAL-REVIEW-GPL" - ], - "urls": [ - "https://www.gnu.org/licenses/gcc-exception-3.1.html" - ] - }, - { - "id": "", - "name": "GTPL (Globus Toolkit)", - "family": "GTPL", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "notes": [ - "Claims to be equivalent to an Apache-2.0 license" - ], - "urls": [ - "https://www.globus.org/legal/toolkit-license" - ] - }, - { - "id": "Hippocratic-2.1", - "name": "Hippocratic License 2.1", - "family": "Hippocratic", - "reference": "https://spdx.org/licenses/Hippocratic-2.1.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://firstdonoharm.dev/version/2/1/license.html", - "https://github.com/EthicalSource/hippocratic-license/blob/58c0e646d64ff6fbee275bfe2b9492f914e3ab2a/LICENSE.txt" - ] - }, - { - "id": "IJG", - "name": "Independent JPEG Group License", - "family": "IJG", - "reference": "https://spdx.org/licenses/IJG.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://dev.w3.org/cvsweb/Amaya/libjpeg/Attic/README?rev\u003d1.2" - ] - }, - { - "id": "ISC", - "name": "ISC License", - "family": "ISC", - "reference": "https://spdx.org/licenses/ISC.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://www.isc.org/licenses/", - "https://www.isc.org/downloads/software-support-policy/isc-license/", - "https://opensource.org/licenses/ISC" - ] - }, - { - "id": "", - "name": "JDBM LICENSE v1.00", - "family": "JDBM", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "notes": [ - "JDBM is a transactional persistence engine for Java" - ], - "urls": [ - "https://github.com/joval/jdbm/blob/master/LICENSE.txt", - "http://jdbm.sourceforge.net/" - ] - }, - { - "id": "", - "name": "JDOM license", - "family": "JDOM", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", - "NO-SPDX-ID" - ], - "urls": [ - "http://www.jdom.org/docs/faq.html#a0030" - ] - }, - { - "id": "JSON", - "name": "JSON License", - "family": "JSON", - "reference": "https://spdx.org/licenses/JSON.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "http://www.json.org/license.html" - ] - }, - { - "id": "LGPL-2.0", - "name": "GNU Library General Public License v2 only", - "family": "LGPL-2.0", - "reference": "https://spdx.org/licenses/LGPL-2.0.html", - "osi": true, - "fsf": false, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "LGPL-LINK-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html" - ] - }, - { - "id": "LGPL-2.0-only", - "name": "GNU Library General Public License v2 only", - "family": "LGPL-2.0", - "reference": "https://spdx.org/licenses/LGPL-2.0-only.html", - "osi": true, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "LGPL-LINK-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html" - ] - }, - { - "id": "LGPL-2.0-or-later", - "name": "GNU Library General Public License v2 or later", - "family": "LGPL-2.0", - "reference": "https://spdx.org/licenses/LGPL-2.0-or-later.html", - "osi": true, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "LGPL-LINK-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html" - ] - }, - { - "id": "LGPL-2.1", - "name": "GNU Lesser General Public License v2.1 only", - "family": "LGPL-2.1", - "reference": "https://spdx.org/licenses/LGPL-2.1.html", - "osi": true, - "fsf": true, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "LGPL-LINK-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "https://opensource.org/licenses/LGPL-2.1" - ] - }, - { - "id": "LGPL-2.1-only", - "name": "GNU Lesser General Public License v2.1 only", - "family": "LGPL-2.1", - "reference": "https://spdx.org/licenses/LGPL-2.1-only.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "LGPL-LINK-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "https://opensource.org/licenses/LGPL-2.1" - ] - }, - { - "id": "LGPL-2.1-or-later", - "name": "GNU Lesser General Public License v2.1 or later", - "family": "LGPL-2.1", - "reference": "https://spdx.org/licenses/LGPL-2.1-or-later.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "LGPL-LINK-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "https://opensource.org/licenses/LGPL-2.1" - ] - }, - { - "id": "LGPL-3.0", - "name": "GNU Lesser General Public License v3.0 only", - "family": "LGPL-3.0", - "reference": "https://spdx.org/licenses/LGPL-3.0.html", - "osi": true, - "fsf": true, - "deprecated": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "LGPL-LINK-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "https://www.gnu.org/licenses/lgpl+gpl-3.0.txt", - "https://opensource.org/licenses/LGPL-3.0" - ] - }, - { - "id": "LGPL-3.0-only", - "name": "GNU Lesser General Public License v3.0 only", - "family": "LGPL-3.0", - "reference": "https://spdx.org/licenses/LGPL-3.0-only.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "LGPL-LINK-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "https://www.gnu.org/licenses/lgpl+gpl-3.0.txt", - "https://opensource.org/licenses/LGPL-3.0" - ] - }, - { - "id": "LGPL-3.0-or-later", - "name": "GNU Lesser General Public License v3.0 or later", - "family": "LGPL-3.0", - "reference": "https://spdx.org/licenses/LGPL-3.0-or-later.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "LGPL-LINK-WARNING" - ], - "urls": [ - "https://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "https://www.gnu.org/licenses/lgpl+gpl-3.0.txt", - "https://opensource.org/licenses/LGPL-3.0" - ] - }, - { - "id": "MIT", - "name": "MIT License", - "family": "MIT", - "reference": "https://spdx.org/licenses/MIT.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/MIT" - ] - }, - { - "id": "MIT-0", - "name": "MIT No Attribution", - "family": "MIT", - "reference": "https://spdx.org/licenses/MIT-0.html", - "osi": true, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://github.com/aws/mit-0", - "https://romanrm.net/mit-zero", - "https://github.com/awsdocs/aws-cloud9-user-guide/blob/master/LICENSE-SAMPLECODE" - ] - }, - { - "id": "MIT-advertising", - "name": "Enlightenment License (e16)", - "family": "MIT", - "reference": "https://spdx.org/licenses/MIT-advertising.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "notes":["Should review as osiApproved is `false`"], - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/MIT_With_Advertising" - ] - }, - { - "id": "MIT-CMU", - "name": "CMU License", - "family": "MIT", - "reference": "https://spdx.org/licenses/MIT-CMU.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "notes":["Should review as osiApproved is `false`"], - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing:MIT?rd\u003dLicensing/MIT#CMU_Style", - "https://github.com/python-pillow/Pillow/blob/fffb426092c8db24a5f4b6df243a8a3c01fb63cd/LICENSE" - ] - }, - { - "id": "MIT-enna", - "name": "enna License", - "family": "MIT", - "reference": "https://spdx.org/licenses/MIT-enna.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "notes":["Should review as osiApproved is `false`"], - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/MIT#enna" - ] - }, - { - "id": "MIT-feh", - "name": "feh License", - "family": "MIT", - "reference": "https://spdx.org/licenses/MIT-feh.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "notes":["Should review as osiApproved is `false`"], - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/MIT#feh" - ] - }, - { - "id": "", - "name": "MIT-equivalent", - "family": "MIT-equivalent", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED", "NO-SPDX-ID" - ], - "children": [ - "MIT-iOS", - "MIT-1.0", - "MIT-1.1", - "MIT-2.0" - ], - "urls": [ - "https://opensource.org/licenses/MIT" - ], - "notes": [ - "Need URLs to examples of each equivalent license." - ] - }, - { - "id": "MPL-1.0", - "name": "Mozilla Public License 1.0", - "family": "MPL", - "reference": "https://spdx.org/licenses/MPL-1.0.html", - "osi": true, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.mozilla.org/MPL/MPL-1.0.html", - "https://opensource.org/licenses/MPL-1.0" - ] - }, - { - "id": "MPL-1.1", - "name": "Mozilla Public License 1.1", - "family": "MPL", - "reference": "https://spdx.org/licenses/MPL-1.1.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.mozilla.org/MPL/MPL-1.1.html", - "https://opensource.org/licenses/MPL-1.1" - ] - }, - { - "id": "MPL-2.0", - "name": "Mozilla Public License 2.0", - "family": "MPL", - "reference": "https://spdx.org/licenses/MPL-2.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://www.mozilla.org/MPL/2.0/", - "https://opensource.org/licenses/MPL-2.0" - ] - }, - { - "id": "MPL-2.0-no-copyleft-exception", - "name": "Mozilla Public License 2.0 (no copyleft exception)", - "family": "MPL-2.0-no-copyleft-exception", - "reference": "https://spdx.org/licenses/MPL-2.0-no-copyleft-exception.html", - "osi": true, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://www.mozilla.org/MPL/2.0/", - "https://opensource.org/licenses/MPL-2.0" - ] - }, - { - "id": "MS-LPL", - "name": "Microsoft Limited Public License", - "family": "MS-LPL", - "reference": "https://spdx.org/licenses/MS-LPL.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.openhub.net/licenses/mslpl", - "https://github.com/gabegundy/atlserver/blob/master/License.txt", - "https://en.wikipedia.org/wiki/Shared_Source_Initiative#Microsoft_Limited_Public_License_(Ms-LPL)" - ] - }, - { - "id": "MS-PL", - "name": "Microsoft Public License", - "family": "MS-PL", - "reference": "https://spdx.org/licenses/MS-PL.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.microsoft.com/opensource/licenses.mspx", - "https://opensource.org/licenses/MS-PL" - ] - }, - { - "id": "MS-RL", - "name": "Microsoft Reciprocal License", - "family": "MS-RL", - "reference": "https://spdx.org/licenses/MS-RL.html", - "osi": true, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ] , - "urls": [ - "http://www.microsoft.com/opensource/licenses.mspx", - "https://opensource.org/licenses/MS-RL" - ] - }, - { - "id": "NAIST-2003", - "name": "Nara Institute of Science and Technology License (2003)", - "family": "NAIST", - "reference": "https://spdx.org/licenses/NAIST-2003.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://enterprise.dejacode.com/licenses/public/naist-2003/#license-text", - "https://github.com/nodejs/node/blob/4a19cc8947b1bba2b2d27816ec3d0edf9b28e503/LICENSE#L343" - ] - }, - { - "id": "Net-SNMP", - "name": "Net-SNMP License", - "family": "Net", - "reference": "https://spdx.org/licenses/Net-SNMP.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://net-snmp.sourceforge.net/about/license.html" - ] - }, - { - "id": "", - "name": "NPM", - "family": "NPM", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NO-SPDX-ID" - ], - "notes": [ - "npm is released under the Artistic License 2.0 (see URL).", - "npm client is published under the MIT license (see URL).", - "This entry may be invalid if a variant cannot be referenced.", - "Should have a URL link to the canonical example of the license text." - ], - "urls":[ - "https://docs.npmjs.com/policies/npm-license", - "https://www.npmjs.com/package/npm-client" - ] - }, - { - "id": "OFL-1.0", - "name": "SIL Open Font License 1.0", - "family": "OFL-1.0", - "reference": "https://spdx.org/licenses/OFL-1.0.html", - "osi": false, - "fsf": true, - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "usagePolicy": "needs-review", - "urls":[ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL10_web" - ] - }, - { - "id": "OFL-1.0-no-RFN", - "name": "SIL Open Font License 1.0 with no Reserved Font Name", - "family": "OFL-1.0", - "reference": "https://spdx.org/licenses/OFL-1.0-no-RFN.html", - "osi": false, - "fsf": false, - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "usagePolicy": "needs-review", - "urls":[ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL10_web" - ] - }, - { - "id": "OFL-1.0-RFN", - "name": "SIL Open Font License 1.0 with Reserved Font Name", - "family": "OFL-1.0", - "reference": "https://spdx.org/licenses/OFL-1.0-RFN.html", - "osi": false, - "fsf": false, - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "usagePolicy": "needs-review", - "urls":[ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL10_web" - ] - }, - { - "id": "OFL-1.1", - "name": "SIL Open Font License 1.1", - "family": "OFL-1.1", - "reference": "https://spdx.org/licenses/OFL-1.1.html", - "osi": true, - "fsf": true, - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "usagePolicy": "needs-review", - "urls":[ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL_web", - "https://opensource.org/licenses/OFL-1.1" - ] - }, - { - "id": "OFL-1.1-no-RFN", - "name": "SIL Open Font License 1.1 with no Reserved Font Name", - "family": "OFL-1.1", - "reference": "https://spdx.org/licenses/OFL-1.1.html", - "osi": true, - "fsf": false, - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "usagePolicy": "needs-review", - "urls":[ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL_web", - "https://opensource.org/licenses/OFL-1.1" - ] - }, - { - "id": "OFL-1.1-RFN", - "name": "SIL Open Font License 1.1 with Reserved Font Name", - "family": "OFL-1.1", - "reference": "https://spdx.org/licenses/OFL-1.1-RFN.html", - "osi": true, - "fsf": false, - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "usagePolicy": "needs-review", - "urls":[ - "http://scripts.sil.org/cms/scripts/page.php?item_id\u003dOFL_web", - "https://opensource.org/licenses/OFL-1.1" - ] - }, - { - "id": "OpenSSL", - "name": "OpenSSL License", - "family": "OpenSSL", - "reference": "https://spdx.org/licenses/OpenSSL.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.openssl.org/source/license.html" - ] - }, - { - "id": "PHP-3.0", - "name": "PHP License v3.0", - "family": "PHP", - "reference": "https://spdx.org/licenses/PHP-3.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.php.net/license/3_0.txt", - "https://opensource.org/licenses/PHP-3.0" - ] - }, - { - "id": "PHP-3.01", - "name": "PHP License v3.01", - "family": "PHP", - "reference": "https://spdx.org/licenses/PHP-3.01.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.php.net/license/3_01.txt" - ] - }, - { - "id": "Plexus", - "name": "Plexus_Classworlds", - "family": "Plexus", - "reference": "https://spdx.org/licenses/Plexus.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/Plexus_Classworlds_License" - ] - }, - { - "id": "PostgreSQL", - "name": "PostgreSQL License", - "family": "PostgreSQL", - "reference": "https://spdx.org/licenses/PostgreSQL.html", - "osi": true, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.postgresql.org/about/licence", - "https://opensource.org/licenses/PostgreSQL" - ] - }, - { - "id": "Python-2.0", - "name": "Python License 2.0", - "family": "Python-2.0", - "reference": "https://spdx.org/licenses/Python-2.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/Python-2.0" - ] - }, - { - "id": "Python-2.0.1", - "name": "Python License 2.0.1", - "family": "Python-2.0.1", - "reference": "https://spdx.org/licenses/Python-2.0.1.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://www.python.org/download/releases/2.0.1/license/", - "https://docs.python.org/3/license.html", - "https://github.com/python/cpython/blob/main/LICENSE" - ] - }, - { - "id": "RSA-MD", - "name": "RSA Message-Digest License", - "family": "RSA", - "reference": "https://spdx.org/licenses/RSA-MD.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.faqs.org/rfcs/rfc1321.html" - ] - }, - { - "id": "Ruby", - "name": "Ruby License", - "family": "Ruby", - "reference": "https://spdx.org/licenses/Ruby.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.ruby-lang.org/en/LICENSE.txt" - ] - }, - { - "id": "SCEA", - "name": "SCEA Shared Source License", - "family": "SCEA", - "reference": "https://spdx.org/licenses/SCEA.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "http://research.scea.com/scea_shared_source_license.html" - ] - }, - { - "id": "SISSL", - "name": "Sun Industry Standards Source License v1.1", - "family": "SISSL", - "reference": "https://spdx.org/licenses/SISSL.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.openoffice.org/licenses/sissl_license.html", - "https://opensource.org/licenses/SISSL" - ] - }, - { - "id": "SISSL-1.2", - "name": "Sun Industry Standards Source License v1.2", - "family": "SISSL", - "reference": "https://spdx.org/licenses/SISSL-1.2.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://gridscheduler.sourceforge.net/Gridengine_SISSL_license.html" - ] - }, - { - "id": "Spencer-86", - "name": "Spencer License 86", - "family": "Spencer", - "reference": "https://spdx.org/licenses/Spencer-86.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "notes": [ - "Sometimes identified by the invalid SPDX ID \"Harry-Spencer\"" - ], - "urls": [ - "https://spdx.org/licenses/Spencer-86.html", - "https://fedoraproject.org/wiki/Licensing/Henry_Spencer_Reg-Ex_Library_License" - ] - }, - { - "id": "Spencer-94", - "name": "Spencer License 94", - "family": "Spencer", - "reference": "https://spdx.org/licenses/Spencer-94.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "notes": [ - "Sometimes identified by the invalid SPDX ID \"Harry-Spencer\"" - ], - "urls": [ - "https://spdx.org/licenses/Spencer-94.html", - "https://fedoraproject.org/wiki/Licensing/Henry_Spencer_Reg-Ex_Library_License", - "https://metacpan.org/release/KNOK/File-MMagic-1.30/source/COPYING#L28" - ] - }, - { - "id": "Spencer-99", - "name": "Spencer License 99", - "family": "Spencer", - "reference": "https://spdx.org/licenses/Spencer-99.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "notes": [ - "Sometimes identified by the invalid SPDX ID \"Harry-Spencer\"" - ], - "urls": [ - "https://spdx.org/licenses/Spencer-99.html", - "http://www.opensource.apple.com/source/tcl/tcl-5/tcl/generic/regfronts.c" - ] - }, - { - "id": "SSPL-1.0", - "name": "Server Side Public License, v 1", - "family": "SSPL", - "reference": "https://spdx.org/licenses/SSPL-1.0.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "https://www.mongodb.com/licensing/server-side-public-license" - ] - }, - { - "id": "UFL-1.0", - "name": "Ubuntu Font License", - "family": "UFL", - "reference": "", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NO-SPDX-ID" - ], - "notes": [ - "This license requires separately licensed code." - ], - "urls": [ - "https://ubuntu.com/legal/font-licence" - ] - }, - { - "id": "Unicode-DFS-2015", - "name": "Unicode License Agreement - Data Files and Software (2015)", - "family": "Unicode", - "reference": "https://spdx.org/licenses/Unicode-DFS-2015.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://web.archive.org/web/20151224134844/http://unicode.org/copyright.html" - ] - }, - { - "id": "Unicode-DFS-2016", - "name": "Unicode License Agreement - Data Files and Software (2016)", - "family": "Unicode", - "reference": "https://spdx.org/licenses/Unicode-DFS-2016.html", - "osi": true, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://www.unicode.org/license.txt", - "http://web.archive.org/web/20160823201924/http://www.unicode.org/copyright.html#License", - "http://www.unicode.org/copyright.html" - ] - }, - { - "id": "Unicode-TOU", - "name": "Unicode Terms of Use", - "family": "Unicode", - "reference": "https://spdx.org/licenses/Unicode-TOU.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://web.archive.org/web/20140704074106/http://www.unicode.org/copyright.html", - "http://www.unicode.org/copyright.html" - ] - }, - { - "id": "UnixCrypt", - "name": "UnixCrypt License", - "family": "UnixCrypt", - "reference": "https://spdx.org/licenses/UnixCrypt.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "notes": [ - "Similar to the BSD 3-Clause \"New\" or \"Revised\" License" - ], - "urls": [ - "https://foss.heptapod.net/python-libs/passlib/-/blob/branch/stable/LICENSE#L70", - "https://opensource.apple.com/source/JBoss/JBoss-737/jboss-all/jetty/src/main/org/mortbay/util/UnixCrypt.java.auto.html", - "https://archive.eclipse.org/jetty/8.0.1.v20110908/xref/org/eclipse/jetty/http/security/UnixCrypt.html" - ] - }, - { - "id": "Vim", - "name": "Vim License", - "family": "Vim", - "reference": "https://spdx.org/licenses/Vim.html", - "osi": false, - "fsf": true, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL" - ], - "urls": [ - "http://vimdoc.sourceforge.net/htmldoc/uganda.html" - ] - }, - { - "id": "W3C", - "name": "W3C Software Notice and License (2002-12-31)", - "family": "W3C", - "reference": "https://spdx.org/licenses/W3C.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.w3.org/Consortium/Legal/2002/copyright-software-20021231.html", - "https://opensource.org/licenses/W3C" - ] - }, - { - "id": "W3C-19980720", - "name": "W3C Software Notice and License (1998-07-20)", - "family": "W3C", - "reference": "https://spdx.org/licenses/W3C-19980720.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.w3.org/Consortium/Legal/copyright-software-19980720.html" - ] - }, - { - "id": "W3C-20150513", - "name": "W3C Software Notice and Document License (2015-05-13)", - "family": "W3C", - "reference": "https://spdx.org/licenses/W3C-20150513.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://www.w3.org/Consortium/Legal/2015/copyright-software-and-document" - ] - }, - { - "id": "w3m", - "name": "w3m License", - "family": "w3m", - "reference": "https://spdx.org/licenses/w3m.html", - "osi": false, - "fsf": false, - "usagePolicy": "needs-review", - "annotationRefs": [ - "NEEDS-APPROVAL", - "NEEDS-IP-LEGAL-REVIEW" - ], - "urls": [ - "https://github.com/tats/w3m/blob/master/COPYING" - ] - }, - { - "id": "WTFPL", - "name": "Do What The F*ck You Want To Public License", - "family": "WTFPL", - "reference": "https://spdx.org/licenses/WTFPL.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.wtfpl.net/about/", - "http://sam.zoy.org/wtfpl/COPYING" - ] - }, - { - "id": "X11", - "name": "X11 License", - "family": "X11", - "reference": "https://spdx.org/licenses/X11.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3" - ] - }, - { - "id": "X11-distribute-modifications-variant", - "name": "X11 License Distribution Modification Variant", - "family": "X11", - "reference": "https://spdx.org/licenses/X11-distribute-modifications-variant.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://github.com/mirror/ncurses/blob/master/COPYING" - ] - }, - { - "id": "Xnet", - "name": "X.Net License", - "family": "Xnet", - "reference": "https://spdx.org/licenses/Xnet.html", - "osi": true, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://opensource.org/licenses/Xnet" - ] - }, - { - "id": "Zend-2.0", - "name": "Zend License v2.0", - "family": "Zend", - "reference": "https://spdx.org/licenses/Zend-2.0.html", - "osi": false, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://web.archive.org/web/20130517195954/http://www.zend.com/license/2_00.txt" - ] - }, - { - "id": "Zlib", - "name": "zlib License", - "family": "Zlib", - "reference": "https://spdx.org/licenses/Zlib.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://www.zlib.net/zlib_license.html", - "https://opensource.org/licenses/Zlib" - ] - }, - { - "id": "zlib-acknowledgement", - "name": "zlib/libpng License with Acknowledgement", - "family": "zlib", - "reference": "https://spdx.org/licenses/zlib-acknowledgement.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "https://fedoraproject.org/wiki/Licensing/ZlibWithAcknowledgement" - ] - }, - { - "id": "ZPL-1.1", - "name": "Zope Public License 1.1", - "family": "ZPL", - "reference": "https://spdx.org/licenses/ZPL-1.1.html", - "osi": false, - "fsf": false, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://old.zope.org/Resources/License/ZPL-1.1" - ] - }, - { - "id": "ZPL-2.0", - "name": "Zope Public License 2.0", - "family": "ZPL", - "reference": "https://spdx.org/licenses/ZPL-2.0.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://old.zope.org/Resources/License/ZPL-2.0", - "https://opensource.org/licenses/ZPL-2.0" - ] - }, - { - "id": "ZPL-2.1", - "name": "Zope Public License 2.1", - "family": "ZPL", - "reference": "https://spdx.org/licenses/ZPL-2.1.html", - "osi": true, - "fsf": true, - "usagePolicy": "allow", - "annotationRefs": [ - "APPROVED" - ], - "urls": [ - "http://old.zope.org/Resources/ZPL/" - ] - } - ], - "annotations": { - "APPROVED": "Approved for use according to license requirements", - "PROHIBITED": "Prohibited", - "NEEDS-APPROVAL": "Needs legal approval for product or service usage, ok for internal use.", - "NEEDS-IP-LEGAL-REVIEW": "License needs review by IP legal team for usage determination", - "NO-SPDX-ID": "No SPDX ID exists for license.", - "AGPL-WARNING": "Can’t be linked in any way (no static or dynamic linking) to product code. Any interaction needs to be at arms length through the command line or other system level interaction. This will need your executive’s approval, so be sure to connect with your release manager or squad leader as soon as you identify the need to use this license.", - "GPL-LINK-WARNING": "Can’t be linked in any way (no static or dynamic linking) to product code. Any interaction needs to be at arms length through the command line or other system level interaction. This will need your executive’s approval, so be sure to connect with your release manager or squad leader as soon as you identify the need to use this license.", - "LGPL-LINK-WARNING": "Only dynamic linking is allowed to product code. This license needs management approval.", - "CC-BY-SAAS": "SaaS usage of CC-BY 2.0/2.5 /3.0/4.0 license, will no longer require a notice with a URI linking to the full text of the CC-BY license and download location.", - "CC-BY-ON-PREM": "For on-premise distribution of CC-BY, the primary requirement of providing notice and SLC still applies.", - "CDLA-PERMISSIVE": "The CDLA Sharing license is preferred for data contributions, but the CDLA permissive can also be approved.", - "CDLA-SHARING": "This is the preferred license for data contributions, and is also acceptable for use in products and services.", - "NEEDS-LEGAL-REVIEW-PII": "The legal review ensures privacy, personal information, and other aspects specific to data are reviewed.", - "NEEDS-LEGAL-REVIEW-GPL": "Needs legal review to assure GPL requirements are met." - } -} \ No newline at end of file diff --git a/schema/bom_hash.go b/schema/bom_hash.go index 3f15328b..5ba05528 100644 --- a/schema/bom_hash.go +++ b/schema/bom_hash.go @@ -64,7 +64,6 @@ func (bom *BOM) HashmapComponentResources(whereFilters []common.WhereFilter) (er return } -// TODO: use pointer for []CDXComponent func (bom *BOM) HashmapComponents(components []CDXComponent, whereFilters []common.WhereFilter, root bool) (err error) { getLogger().Enter() defer getLogger().Exit(err) @@ -83,7 +82,8 @@ func (bom *BOM) HashmapComponents(components []CDXComponent, whereFilters []comm func (bom *BOM) HashmapComponent(cdxComponent CDXComponent, whereFilters []common.WhereFilter, root bool) (hashed bool, err error) { getLogger().Enter() defer getLogger().Exit(err) - var resourceInfo CDXResourceInfo + //var componentInfo CDXResourceInfo + var componentInfo CDXComponentInfo if reflect.DeepEqual(cdxComponent, CDXComponent{}) { getLogger().Warning("empty component object found") @@ -98,40 +98,41 @@ func (bom *BOM) HashmapComponent(cdxComponent CDXComponent, whereFilters []commo getLogger().Warningf("component named `%s` missing `version`", cdxComponent.Name) } - if cdxComponent.BOMRef != nil && *cdxComponent.BOMRef == "" { + //if cdxComponent.BOMRef != nil && *cdxComponent.BOMRef == "" { + if cdxComponent.BOMRef == nil || *cdxComponent.BOMRef == "" { getLogger().Warningf("component named `%s` missing `bom-ref`", cdxComponent.Name) } // hash any component w/o a license using special key name - resourceInfo.IsRoot = root - resourceInfo.Type = RESOURCE_TYPE_COMPONENT - resourceInfo.Component = cdxComponent - resourceInfo.Name = cdxComponent.Name + componentInfo.IsRoot = root + componentInfo.ResourceType = RESOURCE_TYPE_COMPONENT + componentInfo.Component = cdxComponent + componentInfo.Name = cdxComponent.Name if cdxComponent.BOMRef != nil { ref := *cdxComponent.BOMRef - resourceInfo.BOMRef = ref.String() + componentInfo.BOMRef = ref.String() } - resourceInfo.Version = cdxComponent.Version + componentInfo.Version = cdxComponent.Version if cdxComponent.Supplier != nil { - resourceInfo.SupplierProvider = cdxComponent.Supplier + componentInfo.SupplierProvider = cdxComponent.Supplier } - resourceInfo.Properties = cdxComponent.Properties + componentInfo.Properties = cdxComponent.Properties var match bool = true if len(whereFilters) > 0 { - mapResourceInfo, _ := utils.MarshalStructToJsonMap(resourceInfo) + mapResourceInfo, _ := utils.MarshalStructToJsonMap(componentInfo) match, _ = whereFilterMatch(mapResourceInfo, whereFilters) } if match { hashed = true - bom.ComponentMap.Put(resourceInfo.BOMRef, resourceInfo) - bom.ResourceMap.Put(resourceInfo.BOMRef, resourceInfo) + bom.ComponentMap.Put(componentInfo.BOMRef, componentInfo) + bom.ResourceMap.Put(componentInfo.BOMRef, componentInfo.CDXResourceInfo) - getLogger().Tracef("Put: %s (`%s`), `%s`)", - resourceInfo.Name, - resourceInfo.Version, - resourceInfo.BOMRef) + getLogger().Infof("Put: %s (`%s`), `%s`)", + componentInfo.Name, + componentInfo.Version, + componentInfo.BOMRef) } // Recursively hash licenses for all child components (i.e., hierarchical composition) @@ -181,7 +182,7 @@ func (bom *BOM) HashmapServices(services []CDXService, whereFilters []common.Whe func (bom *BOM) HashmapService(cdxService CDXService, whereFilters []common.WhereFilter) (hashed bool, err error) { getLogger().Enter() defer getLogger().Exit(err) - var resourceInfo CDXResourceInfo + var serviceInfo CDXServiceInfo if reflect.DeepEqual(cdxService, CDXService{}) { getLogger().Warning("empty service object found") @@ -196,40 +197,40 @@ func (bom *BOM) HashmapService(cdxService CDXService, whereFilters []common.Wher getLogger().Warningf("service named `%s` missing `version`", cdxService.Name) } - if cdxService.BOMRef == nil || *cdxService.BOMRef != "" { + if cdxService.BOMRef == nil || *cdxService.BOMRef == "" { getLogger().Warningf("service named `%s` missing `bom-ref`", cdxService.Name) } // hash any component w/o a license using special key name - resourceInfo.Type = RESOURCE_TYPE_SERVICE - resourceInfo.Service = cdxService - resourceInfo.Name = cdxService.Name + serviceInfo.ResourceType = RESOURCE_TYPE_SERVICE + serviceInfo.Service = cdxService + serviceInfo.Name = cdxService.Name if cdxService.BOMRef != nil { - resourceInfo.BOMRef = cdxService.BOMRef.String() + serviceInfo.BOMRef = cdxService.BOMRef.String() } - resourceInfo.Version = cdxService.Version + serviceInfo.Version = cdxService.Version if cdxService.Provider != nil { - resourceInfo.SupplierProvider = cdxService.Provider + serviceInfo.SupplierProvider = cdxService.Provider } - resourceInfo.Properties = cdxService.Properties + serviceInfo.Properties = cdxService.Properties var match bool = true if len(whereFilters) > 0 { - mapResourceInfo, _ := utils.MarshalStructToJsonMap(resourceInfo) + mapResourceInfo, _ := utils.MarshalStructToJsonMap(serviceInfo) match, _ = whereFilterMatch(mapResourceInfo, whereFilters) } if match { // TODO: AppendLicenseInfo(LICENSE_NONE, resourceInfo) hashed = true - bom.ServiceMap.Put(resourceInfo.BOMRef, resourceInfo) - bom.ResourceMap.Put(resourceInfo.BOMRef, resourceInfo) + bom.ServiceMap.Put(serviceInfo.BOMRef, serviceInfo) + bom.ResourceMap.Put(serviceInfo.BOMRef, serviceInfo.CDXResourceInfo) getLogger().Tracef("Put: [`%s`] %s (`%s`), `%s`)", - resourceInfo.Type, - resourceInfo.Name, - resourceInfo.Version, - resourceInfo.BOMRef, + serviceInfo.ResourceType, + serviceInfo.Name, + serviceInfo.Version, + serviceInfo.BOMRef, ) } @@ -248,8 +249,7 @@ func (bom *BOM) HashmapService(cdxService CDXService, whereFilters []common.Wher // Licenses // ------------------- -func (bom *BOM) HashmapLicenseInfo(policyConfig *LicensePolicyConfig, key string, licenseInfo LicenseInfo, whereFilters []common.WhereFilter) (hashed bool, err error) { - +func (bom *BOM) HashmapLicenseInfo(policyConfig *LicensePolicyConfig, key string, licenseInfo LicenseInfo, whereFilters []common.WhereFilter, licenseFlags utils.LicenseCommandFlags) (hashed bool, err error) { if reflect.DeepEqual(licenseInfo, LicenseInfo{}) { getLogger().Warning("empty license object found") return @@ -269,6 +269,14 @@ func (bom *BOM) HashmapLicenseInfo(policyConfig *LicensePolicyConfig, key string licenseInfo.LicenseChoiceType = GetLicenseChoiceTypeName(licenseInfo.LicenseChoiceTypeValue) licenseInfo.BOMLocation = GetLicenseChoiceLocationName(licenseInfo.BOMLocationValue) + // If we need to include all license fields, they need to be copied to from + // wherever they appear into base LicenseInfo struct (for JSON tag/where filtering) + // i.e., "License.Id", "License.Name", "License.Url", "Expression", + // "License.Text.ContentType", "License.Text.Encoding", "License.Text.Content" + if !licenseFlags.Summary { + copyExtendedLicenseChoiceFieldData(&licenseInfo) + } + var match bool = true if len(whereFilters) > 0 { mapInfo, _ := utils.MarshalStructToJsonMap(licenseInfo) @@ -279,7 +287,6 @@ func (bom *BOM) HashmapLicenseInfo(policyConfig *LicensePolicyConfig, key string hashed = true // Hash LicenseInfo by license key (i.e., id|name|expression) bom.LicenseMap.Put(key, licenseInfo) - getLogger().Tracef("Put: %s (`%s`), `%s`)", licenseInfo.ResourceName, licenseInfo.UsagePolicy, @@ -288,6 +295,35 @@ func (bom *BOM) HashmapLicenseInfo(policyConfig *LicensePolicyConfig, key string return } +// TODO make this a method of *LicenseInfo (object) +func copyExtendedLicenseChoiceFieldData(pLicenseInfo *LicenseInfo) { + if pLicenseInfo == nil { + getLogger().Tracef("invalid *LicenseInfo") + return + } + + var lcType = pLicenseInfo.LicenseChoiceType + if lcType == LC_VALUE_ID || lcType == LC_VALUE_NAME { + if pLicenseInfo.LicenseChoice.License == nil { + getLogger().Tracef("invalid *CDXLicense") + return + } + pLicenseInfo.LicenseId = pLicenseInfo.LicenseChoice.License.Id + pLicenseInfo.LicenseName = pLicenseInfo.LicenseChoice.License.Name + pLicenseInfo.LicenseUrl = pLicenseInfo.LicenseChoice.License.Url + + if pLicenseInfo.LicenseChoice.License.Text != nil { + // NOTE: always copy full context text; downstream display functions + // can truncate later + pLicenseInfo.LicenseTextContent = pLicenseInfo.LicenseChoice.License.Text.Content + pLicenseInfo.LicenseTextContentType = pLicenseInfo.LicenseChoice.License.Text.ContentType + pLicenseInfo.LicenseTextEncoding = pLicenseInfo.LicenseChoice.License.Text.Encoding + } + } else if lcType == LC_VALUE_EXPRESSION { + pLicenseInfo.LicenseExpression = pLicenseInfo.LicenseChoice.Expression + } +} + // ------------------- // Vulnerabilities // ------------------- diff --git a/schema/bom_hash_test.go b/schema/bom_hash_test.go index b72dfdf0..02edb34e 100644 --- a/schema/bom_hash_test.go +++ b/schema/bom_hash_test.go @@ -431,8 +431,8 @@ func TestHashZeroCDXVulnerabilityStruct(t *testing.T) { func TestHashZeroCDXLicenseInfoStruct(t *testing.T) { cdxLicenseInfo := new(LicenseInfo) document := NewBOM("") - hashed, err := document.HashmapLicenseInfo(nil, "foo", *cdxLicenseInfo, nil) - // HashLicenseInfo(bom *schema.BOM, policyConfig *schema.LicensePolicyConfig, key string, licenseInfo schema.LicenseInfo, whereFilters []common.WhereFilter) (hashed bool) + flags := new(utils.LicenseCommandFlags) + hashed, err := document.HashmapLicenseInfo(nil, "foo", *cdxLicenseInfo, nil, *flags) if err != nil { t.Error(err) return diff --git a/schema/cyclonedx.go b/schema/cyclonedx.go index 5298af41..a4ed1763 100644 --- a/schema/cyclonedx.go +++ b/schema/cyclonedx.go @@ -59,7 +59,7 @@ type CDXBom struct { // v1.5: added "lifecycles" type CDXMetadata struct { Timestamp string `json:"timestamp,omitempty" scvs:"bom:core:timestamp"` // urn:owasp:scvs:bom:core:timestamp - Tools interface{} `json:"tools,omitempty"` // v1.2: added.v1.5: "tools" is now an interface{} + Tools interface{} `json:"tools,omitempty"` // v1.2: added; v1.5: "tools" is now an interface{} Authors *[]CDXOrganizationalContact `json:"authors,omitempty"` Component *CDXComponent `json:"component,omitempty"` Manufacturer *CDXOrganizationalEntity `json:"manufacture,omitempty"` // NOTE: Typo is in spec. @@ -69,6 +69,21 @@ type CDXMetadata struct { Lifecycles *[]CDXLifecycle `json:"lifecycles,omitempty"` // v1.5 added } +// TODO: figure out how to support both current (object)/legacy(array) tools in Metadata.Tools field +// See: https://stackoverflow.com/questions/47057240/parsing-multiple-json-types-into-the-same-struct +// type CDXToolLegacy struct { +// Name string `json:"name,omitempty"` +// Version string `json:"version,omitempty"` +// Vendor string `json:"vendor,omitempty"` +// Hashes *[]CDXHash `json:"hashes,omitempty"` +// ExternalReferences *[]CDXExternalReference `json:"externalReferences,omitempty"` +// } + +// type CDXTools struct { +// Components *[]CDXComponent `json:"components,omitempty"` +// Services *[]CDXService `json:"services,omitempty"` +// } + // v1.2: existed // v1.3: added: "evidence", "properties" // v1.4: added: "releaseNotes", "signature" @@ -89,7 +104,6 @@ type CDXComponent struct { BOMRef *CDXRefType `json:"bom-ref,omitempty"` MimeType string `json:"mime-type,omitempty"` Supplier *CDXOrganizationalEntity `json:"supplier,omitempty"` - Author string `json:"author,omitempty"` Publisher string `json:"publisher,omitempty"` Scope string `json:"scope,omitempty"` // Constraint: "enum": ["required","optional","excluded"] Hashes *[]CDXHash `json:"hashes,omitempty"` @@ -103,13 +117,14 @@ type CDXComponent struct { Components *[]CDXComponent `json:"components,omitempty"` Evidence *CDXComponentEvidence `json:"evidence,omitempty"` // v1.3: added Properties *[]CDXProperty `json:"properties,omitempty"` // v1.3: added - Modified bool `json:"modified,omitempty" cdx:"deprecated"` // v1.4: deprecated ReleaseNotes *[]CDXReleaseNotes `json:"releaseNotes,omitempty"` // v1.4: added Signature *JSFSignature `json:"signature,omitempty"` // v1.4: added ModelCard *CDXModelCard `json:"modelCard,omitempty"` // v1.5: added Data *[]CDXComponentData `json:"data,omitempty"` // v1.5: added Authors *[]CDXOrganizationalContact `json:"authors,omitempty"` // v1.6: added Tags *[]string `json:"tags,omitempty" cdx:"+1.6"` // v1.6: added + Modified bool `json:"modified,omitempty" cdx:"deprecated"` // v1.4: deprecated + Author string `json:"author,omitempty"` // v1.6: deprecated } // v1.5 added object diff --git a/schema/cyclonedx_abstractions.go b/schema/cyclonedx_abstractions.go index ce49511f..9e4fa931 100644 --- a/schema/cyclonedx_abstractions.go +++ b/schema/cyclonedx_abstractions.go @@ -51,16 +51,49 @@ func IsValidResourceType(value string) bool { // the CDX types CDXComponent and CDXService. type CDXResourceInfo struct { IsRoot bool - Type string `json:"type"` - BOMRef string `json:"bom-ref"` + ResourceType string `json:"resource-type"` + Group string `json:"group"` Name string `json:"name"` Version string `json:"version"` + Description string `json:"description"` + BOMRef string `json:"bom-ref"` SupplierProvider *CDXOrganizationalEntity Properties *[]CDXProperty Component CDXComponent Service CDXService } +// ------------------- +// Components +// ------------------- +// TODO: Supplier (*CDXOrganizationalEntity), Authors (*[]CDXOrganizationalContact) +// TODO: HasHashes, HasLicenses, HasPedigree, HasEvidence, HasComponents, HasReleaseNotes +// TODO: HasModelCard, HasData, HasTags, HasSignature (*JSFSignature) +// TODO: OmniborId (new), Swhid (new) +type CDXComponentInfo struct { + Type string `json:"type"` + Publisher string `json:"publisher,omitempty"` + Scope string `json:"scope,omitempty"` + Copyright string `json:"copyright,omitempty"` + Cpe string `json:"cpe,omitempty"` // See: https://nvd.nist.gov/products/cpe + Purl string `json:"purl,omitempty" scvs:"bom:resource:identifiers:purl"` // See: https://github.com/package-url/purl-spec + Swid *CDXSwid `json:"swid,omitempty"` + CDXResourceInfo +} + +// ------------------- +// Services +// ------------------- +// TODO: HasServices, HasEndpoints +// TODO: HasLicenses, HasReleaseNotes, HasData, HasTags, HasSignature (*JSFSignature) +// TODO: HasProperties, HasExternalRefs +type CDXServiceInfo struct { + CDXResourceInfo + Authenticated bool `json:"authenticated,omitempty"` + XTrustBoundary bool `json:"x-trust-boundary,omitempty"` + TrustZone string `json:"trustZone,omitempty"` +} + // ------------------- // Vulnerabilities // ------------------- @@ -148,6 +181,17 @@ type LicenseInfo struct { Policy LicensePolicy // Do not marshal Component CDXComponent // Do not marshal Service CDXService // Do not marshal + ExtendedLicenseInfo +} + +type ExtendedLicenseInfo struct { + LicenseId string `json:"license-id"` + LicenseName string `json:"license-name"` + LicenseExpression string `json:"license-expression"` + LicenseUrl string `json:"license-url"` + LicenseTextEncoding string `json:"license-text-encoding"` + LicenseTextContentType string `json:"license-text-content-type"` + LicenseTextContent string `json:"license-text-content"` } func (licenseInfo *LicenseInfo) SetLicenseChoiceTypeValue(value int) { diff --git a/schema/cyclonedx_normalize.go b/schema/cyclonedx_normalize.go index fcdca9cc..31398ea8 100644 --- a/schema/cyclonedx_normalize.go +++ b/schema/cyclonedx_normalize.go @@ -33,6 +33,7 @@ type CDXExternalReferenceSlice []CDXExternalReference type CDXHashSlice []CDXHash type CDXLicenseChoiceSlice []CDXLicenseChoice type CDXLicenseSlice []CDXLicense // TODO: used in CDXComponentEvidence +type CDXLifecycleSlice []CDXLifecycle type CDXOrganizationalContactSlice []CDXOrganizationalContact type CDXOrganizationalEntitySlice []CDXOrganizationalEntity type CDXPropertySlice []CDXProperty @@ -69,6 +70,11 @@ func NormalizeSupported(itfc interface{}) bool { return interfaceSupported(Normalizer(nil), itfc) } +func IsValidUUID(u string) bool { + _, err := uuid.Parse(u) + return err == nil +} + // ==================================================================== // Normalization (i.e., "sort by") rules: // ==================================================================== @@ -101,6 +107,10 @@ func (bom *CDXBom) Normalize() { if bom.Dependencies != nil { CDXDependencySlice(*bom.Dependencies).Normalize() } + // Sort Compositions + if bom.Compositions != nil { + CDXCompositionSlice(*bom.Compositions).Normalize() + } // Sort: Vulnerabilities if bom.Vulnerabilities != nil { CDXVulnerabilitySlice(*bom.Vulnerabilities).Normalize() @@ -121,39 +131,10 @@ func (bom *CDXBom) Normalize() { if bom.Properties != nil { CDXPropertySlice(*bom.Properties).Normalize() } - // TODO: Sort Compositions // TODO: Sort: Declarations (v1.6) // TODO: Sort: Definitions (v1.6) } -// TODO: Sort Metadata object fields that are slices: -// Tools interface{} `json:"tools,omitempty"` // v1.2: added.v1.5: "tools" is now an interface{} -// Manufacturer *CDXOrganizationalEntity `json:"manufacture,omitempty"` // NOTE: Typo is in spec. -// Supplier *CDXOrganizationalEntity `json:"supplier,omitempty"` -// Lifecycles *[]CDXLifecycle `json:"lifecycles,omitempty"` // v1.5 added -func (pMetadata *CDXMetadata) Normalize() { - if pMetadata != nil { - metadata := *pMetadata - // Sort: Component - if metadata.Component != nil { - metadata.Component.Normalize() - } - // Sort: Licenses - if metadata.Licenses != nil { - CDXLicenseChoiceSlice(*metadata.Licenses).Normalize() - } - // Sort: Properties - if metadata.Properties != nil { - CDXPropertySlice(*metadata.Properties).Normalize() - } - // Sort: Authors - if metadata.Authors != nil { - CDXOrganizationalContactSlice(*metadata.Authors).Normalize() - } - // TODO: Sort: Lifecycles - } -} - func (component *CDXComponent) Normalize() { // Sort: Components // Note: The following method is recursive @@ -192,49 +173,32 @@ func (component *CDXComponent) Normalize() { if component.Tags != nil { sort.Strings(*component.Tags) } - // TODO: Sort: Evidence - // TODO: Sort: ModelCard - // TODO: Sort: Pedigree (i.e., its Ancestors, Dependents, etc.) + // TODO: Sort: Evidence, Difficult since it has no top-level required fields, and all arrays + // TODO: Sort: ModelCard (v.1.5), Difficult since it has no top-level required fields, and all arrays + // TODO: Sort: Pedigree (i.e., its Ancestors, Dependents, etc.), Difficult since it has no top-level required fields, and all arrays // TODO: Sort: CryptoProperties (v1.6) } -func (service *CDXService) Normalize() { - // Sort: Services - // Note: The following method is recursive - if service.Services != nil { - CDXServiceSlice(*service.Services).Normalize() - } - // Sort: Licenses - if service.Licenses != nil { - CDXLicenseChoiceSlice(*service.Licenses).Normalize() - } - // Sort: ReleaseNotes - if service.ReleaseNotes != nil { - CDXReleaseNotesSlice(*service.ReleaseNotes).Normalize() - } - // Sort: ExternalReferences - if service.ExternalReferences != nil { - CDXExternalReferenceSlice(*service.ExternalReferences).Normalize() - } - // Sort: Properties - if service.Properties != nil { - CDXPropertySlice(*service.Properties).Normalize() +func (composition *CDXCompositions) Normalize() { + // Sort: Assemblies + if composition.Assemblies != nil { + // Note: "Assembly" is really OneOf: "refLinkType" or "bomLinkElementType" + // BOTH of which map to "string" (thankfully for now) + sort.Strings(*composition.Assemblies) } - // Sort: Endpoints (i.e., an array of "string") - if service.Endpoints != nil { - sort.Strings(*service.Endpoints) + // Sort: Dependencies + if composition.Dependencies != nil { + sort.Strings(*composition.Dependencies) } - // Sort: Tags (i.e., an array of "string") (v1.6) - if service.Tags != nil { - sort.Strings(*service.Tags) + // Sort: Vulnerabilities + if composition.Vulnerabilities != nil { + CDXVulnerabilitySlice(*composition.Vulnerabilities).Normalize() } - // TODO: Sort: (Service) Data } -func (licenseChoice CDXLicenseChoice) Normalize() { - // Sort: License (slices within) - if licenseChoice.License != nil { - licenseChoice.License.Normalize() +func (dependency CDXDependency) Normalize() { + if dependency.DependsOn != nil { + CDXRefLinkTypeSlice(*dependency.DependsOn).Normalize() } } @@ -249,6 +213,13 @@ func (license CDXLicense) Normalize() { } } +func (licenseChoice CDXLicenseChoice) Normalize() { + // Sort: License (slices within) + if licenseChoice.License != nil { + licenseChoice.License.Normalize() + } +} + func (licensing CDXLicensing) Normalize() { // Sort: AltIds if licensing.AltIds != nil { @@ -260,26 +231,31 @@ func (licensing CDXLicensing) Normalize() { } } -func (dependency CDXDependency) Normalize() { - if dependency.DependsOn != nil { - CDXRefLinkTypeSlice(*dependency.DependsOn).Normalize() - } -} - -func (composition *CDXCompositions) Normalize() { - // Sort: Assemblies - if composition.Assemblies != nil { - // Note: "Assembly" is really OneOf: "refLinkType" or "bomLinkElementType" - // BOTH of which map to "string" (thankfully for now) - sort.Strings(*composition.Assemblies) - } - // Sort: Dependencies - if composition.Dependencies != nil { - sort.Strings(*composition.Dependencies) - } - // Sort: Vulnerabilities - if composition.Vulnerabilities != nil { - CDXVulnerabilitySlice(*composition.Vulnerabilities).Normalize() +// TODO: Sort Metadata object fields that are slices: +// Tools interface{} `json:"tools,omitempty"` // v1.2: added.v1.5: "tools" is now an interface{} +func (pMetadata *CDXMetadata) Normalize() { + if pMetadata != nil { + metadata := *pMetadata + // Sort: Component + if metadata.Component != nil { + metadata.Component.Normalize() + } + // Sort: Licenses + if metadata.Licenses != nil { + CDXLicenseChoiceSlice(*metadata.Licenses).Normalize() + } + // Sort: Properties + if metadata.Properties != nil { + CDXPropertySlice(*metadata.Properties).Normalize() + } + // Sort: Authors + if metadata.Authors != nil { + CDXOrganizationalContactSlice(*metadata.Authors).Normalize() + } + // Sort: Lifecycles + if metadata.Lifecycles != nil { + CDXLifecycleSlice(*metadata.Lifecycles).Normalize() + } } } @@ -290,10 +266,51 @@ func (entity *CDXOrganizationalEntity) Normalize() { } } +func (service *CDXService) Normalize() { + // Sort: Services + // Note: The following method is recursive + if service.Services != nil { + CDXServiceSlice(*service.Services).Normalize() + } + // Sort: Licenses + if service.Licenses != nil { + CDXLicenseChoiceSlice(*service.Licenses).Normalize() + } + // Sort: ReleaseNotes + if service.ReleaseNotes != nil { + CDXReleaseNotesSlice(*service.ReleaseNotes).Normalize() + } + // Sort: ExternalReferences + if service.ExternalReferences != nil { + CDXExternalReferenceSlice(*service.ExternalReferences).Normalize() + } + // Sort: Properties + if service.Properties != nil { + CDXPropertySlice(*service.Properties).Normalize() + } + // Sort: Endpoints (i.e., an array of "string") + if service.Endpoints != nil { + sort.Strings(*service.Endpoints) + } + // Sort: Tags (i.e., an array of "string") (v1.6) + if service.Tags != nil { + sort.Strings(*service.Tags) + } + // TODO: Sort: (Service) Data +} + // ==================================================================== // Slice Normalizers // ==================================================================== +func (slice CDXAnnotationSlice) Normalize() { + sort.Slice(slice, func(i, j int) bool { + element1 := slice[i] + element2 := slice[j] + return comparatorAnnotation(element1, element2) + }) +} + func (slice CDXComponentSlice) Normalize() { sort.Slice(slice, func(i, j int) bool { element1 := slice[i] @@ -308,17 +325,25 @@ func (slice CDXComponentSlice) Normalize() { } } -func (slice CDXServiceSlice) Normalize() { +// TODO: Sort: the slices within the CDXComponentData (e.g., Contents, +// SensitiveData, Graphics (collection), Governance, etc. ) +func (slice CDXComponentDataSlice) Normalize() { sort.Slice(slice, func(i, j int) bool { element1 := slice[i] element2 := slice[j] - return comparatorService(element1, element2) + return comparatorComponentData(element1, element2) }) +} - // Normalize() each entry in the Service slice - // Note: this causes recursion as each "Service" type has a "Services" slice. - for _, component := range slice { - component.Normalize() +func (slice CDXCompositionSlice) Normalize() { + sort.Slice(slice, func(i, j int) bool { + element1 := slice[i] + element2 := slice[j] + return comparatorComposition(element1, element2) + }) + + for _, composition := range slice { + composition.Normalize() } } @@ -335,13 +360,11 @@ func (slice CDXDependencySlice) Normalize() { } } -// TODO: Sort: the slices within the CDXComponentData (e.g., Contents, -// SensitiveData, Graphics (collection), Governance, etc. ) -func (slice CDXComponentDataSlice) Normalize() { +func (slice CDXExternalReferenceSlice) Normalize() { sort.Slice(slice, func(i, j int) bool { element1 := slice[i] element2 := slice[j] - return comparatorComponentData(element1, element2) + return comparatorExternalReference(element1, element2) }) } @@ -358,41 +381,41 @@ func (slice CDXLicenseChoiceSlice) Normalize() { } } -func (slice CDXOrganizationalContactSlice) Normalize() { +func (slice CDXLifecycleSlice) Normalize() { sort.Slice(slice, func(i, j int) bool { element1 := slice[i] element2 := slice[j] - return comparatorOrganizationalContact(element1, element2) + return comparatorLifecycle(element1, element2) }) } -func (slice CDXOrganizationalEntitySlice) Normalize() { +func (slice CDXHashSlice) Normalize() { sort.Slice(slice, func(i, j int) bool { element1 := slice[i] element2 := slice[j] - return comparatorOrganizationalEntity(element1, element2) + return comparatorHash(element1, element2) }) - - // Sort the contents of the CDXOrganizationalEntity (i.e., Contact(s)) - for _, entity := range slice { - entity.Normalize() - } } -func (slice CDXAnnotationSlice) Normalize() { +func (slice CDXOrganizationalContactSlice) Normalize() { sort.Slice(slice, func(i, j int) bool { element1 := slice[i] element2 := slice[j] - return comparatorAnnotation(element1, element2) + return comparatorOrganizationalContact(element1, element2) }) } -func (slice CDXExternalReferenceSlice) Normalize() { +func (slice CDXOrganizationalEntitySlice) Normalize() { sort.Slice(slice, func(i, j int) bool { element1 := slice[i] element2 := slice[j] - return comparatorExternalReference(element1, element2) + return comparatorOrganizationalEntity(element1, element2) }) + + // Sort the contents of the CDXOrganizationalEntity (i.e., Contact(s)) + for _, entity := range slice { + entity.Normalize() + } } func (slice CDXPropertySlice) Normalize() { @@ -419,23 +442,17 @@ func (slice CDXReleaseNotesSlice) Normalize() { }) } -func (slice CDXHashSlice) Normalize() { - sort.Slice(slice, func(i, j int) bool { - element1 := slice[i] - element2 := slice[j] - return comparatorHash(element1, element2) - }) -} - -func (slice CDXCompositionSlice) Normalize() { +func (slice CDXServiceSlice) Normalize() { sort.Slice(slice, func(i, j int) bool { element1 := slice[i] element2 := slice[j] - return comparatorComposition(element1, element2) + return comparatorService(element1, element2) }) - for _, composition := range slice { - composition.Normalize() + // Normalize() each entry in the Service slice + // Note: this causes recursion as each "Service" type has a "Services" slice. + for _, component := range slice { + component.Normalize() } } @@ -451,6 +468,26 @@ func (slice CDXVersionRangeSlice) Normalize() { // Struct comparators // ==================================================================== +// TODO sort "subjects", "annotator" +func comparatorAnnotation(element1 CDXAnnotation, element2 CDXAnnotation) bool { + // sort by required fields: "timestamp", "text" + if element1.Timestamp != element2.Timestamp { + return element1.Timestamp < element2.Timestamp + } + return element1.Text < element2.Text +} + +func comparatorBOMRefType(element1 CDXRefType, element2 CDXRefType) bool { + // NOTE: we do not want to use "bom-def" if it is randomly generated UUID + // Even if it is an ID like a Package URL (pURL), other IDs SHOULD + // be used for "sort" prior to relying upon it in the "bom-ref" field. + if IsValidUUID(element1.String()) || IsValidUUID(element2.String()) { + return true + } + // Note: this is a basic "string" comparison + return comparatorRefType(element1, element2) +} + // Use required fields: "type", "name" // Use optional identity fields: "purl", "cpe", "swid.TagId" // Sort by the optional field "bom-ref" as this is pseudo-required if @@ -487,15 +524,21 @@ func comparatorComponent(element1 CDXComponent, element2 CDXComponent) bool { return true } -func comparatorService(element1 CDXService, element2 CDXService) bool { - // sort by required field(s): "name" - if element1.Name != element2.Name { - return element1.Name < element2.Name +func comparatorComponentData(element1 CDXComponentData, element2 CDXComponentData) bool { + // sort by required fields: "type" + if element1.Type != element2.Type { + return element1.Type < element2.Type } - // sort by other "tie breakers" - if element1.Version != element2.Version { - return element1.Version < element2.Version + // sort using combinations of identifying field values: "name" + return element1.Name < element2.Name +} + +func comparatorComposition(element1 CDXCompositions, element2 CDXCompositions) bool { + // sort by required field "aggregate" + if element1.Aggregate != element2.Aggregate { + return element1.Aggregate < element2.Aggregate } + // TODO: "tie-breakers": "signature"? // sort by (sometimes an identifier): "bom-ref" if element1.BOMRef != nil && element2.BOMRef != nil { return comparatorBOMRefType(*element1.BOMRef, *element2.BOMRef) @@ -514,40 +557,20 @@ func comparatorDependency(element1 CDXDependency, element2 CDXDependency) bool { return true } -// Note: RefLinkType is of type CDXRefType which is of type "string" (for now) -func comparatorRefLinkType(element1 CDXRefLinkType, element2 CDXRefLinkType) bool { - // Note: casting to actual data type - return comparatorRefType(CDXRefType(element1), CDXRefType(element2)) -} - -func comparatorBOMRefType(element1 CDXRefType, element2 CDXRefType) bool { - // NOTE: we do not want to use "bom-def" if it is randomly generated UUID - // Even if it is an ID like a Package URL (pURL), other IDs SHOULD - // be used for "sort" prior to relying upon it in the "bom-ref" field. - if IsValidUUID(element1.String()) || IsValidUUID(element2.String()) { - return true +func comparatorExternalReference(element1 CDXExternalReference, element2 CDXExternalReference) bool { + // sort by required fields: "type", "url" + if element1.Type != element2.Type { + return element1.Type < element2.Type } - // Note: this is a basic "string" comparison - return element1 < element2 -} - -func IsValidUUID(u string) bool { - _, err := uuid.Parse(u) - return err == nil -} - -func comparatorRefType(element1 CDXRefType, element2 CDXRefType) bool { - // Note: this is a basic "string" comparison - return element1 < element2 + return element1.Url < element2.Url } -func comparatorComponentData(element1 CDXComponentData, element2 CDXComponentData) bool { - // sort by required fields: "type" - if element1.Type != element2.Type { - return element1.Type < element2.Type +func comparatorHash(element1 CDXHash, element2 CDXHash) bool { + // sort by required fields: "alg", "content" + if element1.Alg != element2.Alg { + return element1.Alg < element2.Alg } - // sort using combinations of identifying field values: "name" - return element1.Name < element2.Name + return element1.Content < element2.Content } // TODO: use "text", "url" as "tie-breakers" @@ -575,12 +598,12 @@ func comparatorLicenseChoice(element1 CDXLicenseChoice, element2 CDXLicenseChoic return true } -func comparatorHash(element1 CDXHash, element2 CDXHash) bool { - // sort by required fields: "alg", "content" - if element1.Alg != element2.Alg { - return element1.Alg < element2.Alg +func comparatorLifecycle(element1 CDXLifecycle, element2 CDXLifecycle) bool { + if element1.Phase != element2.Phase { + return element1.Phase < element2.Phase } - return element1.Content < element2.Content + // default: preserve existing order + return true } func comparatorOrganizationalContact(element1 CDXOrganizationalContact, element2 CDXOrganizationalContact) bool { @@ -614,13 +637,23 @@ func comparatorOrganizationalEntity(element1 CDXOrganizationalEntity, element2 C return true } -// TODO sort "subjects", "annotator" -func comparatorAnnotation(element1 CDXAnnotation, element2 CDXAnnotation) bool { - // sort by required fields: "timestamp", "text" - if element1.Timestamp != element2.Timestamp { - return element1.Timestamp < element2.Timestamp +func comparatorProperty(element1 CDXProperty, element2 CDXProperty) bool { + // sort by required fields: "name", "value" + if element1.Name != element2.Name { + return element1.Name < element2.Name } - return element1.Text < element2.Text + return element1.Value < element2.Value +} + +// Note: RefLinkType is of type CDXRefType which is of type "string" (for now) +func comparatorRefLinkType(element1 CDXRefLinkType, element2 CDXRefLinkType) bool { + // Note: casting to actual data type + return comparatorRefType(CDXRefType(element1), CDXRefType(element2)) +} + +func comparatorRefType(element1 CDXRefType, element2 CDXRefType) bool { + // Note: this is a basic "string" comparison + return element1 < element2 } // NOTE: The name is plural to match the current struct name (and perhaps json schema name) @@ -636,28 +669,15 @@ func comparatorReleaseNotes(element1 CDXReleaseNotes, element2 CDXReleaseNotes) return element1.Timestamp < element2.Timestamp } -func comparatorExternalReference(element1 CDXExternalReference, element2 CDXExternalReference) bool { - // sort by required fields: "type", "url" - if element1.Type != element2.Type { - return element1.Type < element2.Type - } - return element1.Url < element2.Url -} - -func comparatorProperty(element1 CDXProperty, element2 CDXProperty) bool { - // sort by required fields: "name", "value" +func comparatorService(element1 CDXService, element2 CDXService) bool { + // sort by required field(s): "name" if element1.Name != element2.Name { return element1.Name < element2.Name } - return element1.Value < element2.Value -} - -func comparatorComposition(element1 CDXCompositions, element2 CDXCompositions) bool { - // sort by required field "aggregate" - if element1.Aggregate != element2.Aggregate { - return element1.Aggregate < element2.Aggregate + // sort by other "tie breakers" + if element1.Version != element2.Version { + return element1.Version < element2.Version } - // TODO: "tie-breakers": "signature"? // sort by (sometimes an identifier): "bom-ref" if element1.BOMRef != nil && element2.BOMRef != nil { return comparatorBOMRefType(*element1.BOMRef, *element2.BOMRef) diff --git a/utils/flags.go b/utils/flags.go index 9a64d92d..7718f80f 100644 --- a/utils/flags.go +++ b/utils/flags.go @@ -99,6 +99,10 @@ type ResourceCommandFlags struct { ResourceType string } +type ComponentCommandFlags struct { + Types string +} + func NewResourceCommandFlags(resourceType string) ResourceCommandFlags { return ResourceCommandFlags{ ResourceType: resourceType,