apache-2.0 license detected for a lgpl license text

[balusarakesh]

file: pom.xml.txt

<license>
        <name>GNU Lesser General Public License, version 2.1</name>
        <url>http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt</url>
        <distribution>repo</distribution>

when the above file is scanned for licenses using the branch #86 apache-2.0 is detected instead of lgpl-2.1 license.
But when the same file is scanned with the branch develop an lgpl-2.0-plus license is detected.

[pombredanne]

Good catch. Can you add a test in the #86 branch ?

[pombredanne]

I added new rules too that should fix this

[balusarakesh]

@pombredanne I think the primary goal should be to delete the wrong rule...right?

[pombredanne]

nope, the primary is to ensure things are detected correctly. The rules in the #86 branch are rather different than in develop

[pombredanne]

The Apache rule detected is a 50% match with Apache License Version 2 http://www.apache.org/licenses/LICENSE-2.0 from rule apache-2.0_15.RULE lines 12 to 15. This rule should not be deleted. There is something in the filtering code or thresholds that should be handled there instead

[balusarakesh]

@pombredanne
I think we must delete the Apache 2.0 rule or use some kind of fix in the license detection because I'm getting both the licenses in the scan results when the #86 is used.

results": [
    {
      "location": "/home/******/pom.xml.txt", 
      "licenses": [
        {
          "key": "lgpl-2.1", 
          "score": 100.0, 
          "short_name": "LGPL 2.1", 
          "category": "Copyleft Limited", 
          "owner": "Free Software Foundation (FSF)", 
          "homepage_url": "http://www.gnu.org/licenses/lgpl-2.1.html", 
          "text_url": "http://www.gnu.org/licenses/lgpl-2.1.txt", 
          "dejacode_url": "https://enterprise.dejacode.com/license_library/Demo/lgpl-2.1/", 
          "spdx_license_key": "LGPL-2.1", 
          "spdx_url": "http://spdx.org/licenses/LGPL-2.1", 
          "start_line": 12, 
          "end_line": 12
        }, 
        {
          "key": "apache-2.0", 
          "score": 50.0, 
          "short_name": "Apache 2.0", 
          "category": "Attribution", 
          "owner": "Apache Software Foundation", 
          "homepage_url": "http://www.apache.org/licenses/", 
          "text_url": "http://www.apache.org/licenses/LICENSE-2.0", 
          "dejacode_url": "https://enterprise.dejacode.com/license_library/Demo/apache-2.0/", 
          "spdx_license_key": "Apache-2.0", 
          "spdx_url": "http://spdx.org/licenses/Apache-2.0", 
          "start_line": 12, 
          "end_line": 15
        }
      ]
    }

[pombredanne]

as I said above deleting a rule is not the solution here: the problem you found is due to a bug in the code

[balusarakesh]

ok, got it 👍

[pombredanne]

I you want to give it a shot, you can enable tracing flags to True in index.py and match.py to find out when this Apache match is kept rather than filtered out.

[pombredanne]

This is all fixed and passing develop