You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
My understanding of how I want to make the go/no-go decision is evolving. The documentation and the tool are (as you point out) a little out of sync because of this.
I'm finding that the scores aren't as useful as we'd originally hoped. The scores include factors that we don't really care about from a purely licensing point of view. It's the discovered licenses that are what's actually interesting. What you see in the code now is my attempt to be as forgiving as possible with regard to the score without just removing it completely.
The Apache Camel Core library you cite is, for example, completely fine despite what the relatively low license score suggests.
It's my understanding, according to the Eclipse Handbook, that the Overall score should not play any role when deciding if an artifact has an approved license, but only the Licensed score should be considered. However, according to https://github.com/eclipse/dash-licenses/blob/d6eae6c70884faa4c8bcc33d7d4e63bb9a2ddc74/core/src/main/java/org/eclipse/dash/licenses/clearlydefined/ClearlyDefinedSupport.java#L136-L137, it seems that if an artifact has a Licensed score < 75 but an overall >= 75, it's indeed accepted from the tool. As an example, https://clearlydefined.io/definitions/maven/mavencentral/org.apache.camel/camel-core/3.10.0 is reported as Accpeted:
Is this correct, or we should just consider the Licensed value?
The text was updated successfully, but these errors were encountered: