Incorrect License Identification for glob 13.0.0

[yashkohli88]

Description

We have observed incorrect license reported while running scancode on a npm package called glob 13.0.0, below are the details from scancode results

License detected: GPL-2.0-only WITH Classpath-exception-2.0 OR CDDL-1.1
Matching score: 50
File: LICENSE.md
Link: https://github.com/isaacs/node-glob/blob/3bfb9604fabcd372fd13bbacef90339d10d1aa92/LICENSE.md
Matched Text: their respective LICENSE or LICENSE.md files.\n\nThe remainder of this project is licensed under the Blue Oak\nModel License, as follows
Rule Url: "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/rules/gpl-2.0_with_classpath-exception-2.0_or_cddl-1.1_3.RULE"

It appears that this is a misidentification—possibly due to boilerplate language in the LICENSE.md file.

I am attaching the scancode results for 32.1.0 but it also persists in the latest version of scancode.

glob-scancode.json

[yashkohli88]

@pombredanne As discussed in Clearlydefined Dev sync up meeting I have logged this issue.

[BRGOVIND]

Hi @pombredanne,
I’m taking a look at this issue. From the LICENSE.md text, it seems the Blue Oak Model License boilerplate may be triggering the GPL-2.0-with-classpath-exception OR CDDL rule.

I’ll investigate whether this is a rule false-positive or needs a rule refinement and report back.

[uttam282005]

To fix this
Either we can add a minimum_coverage:80 to the falsely detected GPL-2.0-only WITH Classpath-exception-2.0 OR CDDL-1.1 RULE
or
add a false positive rule with the matched text.

[BRGOVIND]

So — the Blue Oak boilerplate does seem to be triggering a low-coverage match against the GPL/Classpath OR CDDL rule.
Bumping the minimum_coverage on that rule feels like a cleaner approach than adding a broad false-positive rule, but I’ll skim through the PR to see how edge cases are handled.

Thanks @uttam282005 🙂

[ionfwsrijan]

Hi there,

I’m Srijan Jaiswal, and I’m eager to contribute to this project as part of my open-source contribution. I have reviewed this issue and feel confident that I can provide a solution since I have experience working with similar technologies in my past projects. Could you please assign this issue to me? I’d love to work on it and contribute to the project.

Best regards,
Srijan Jaiswal