False positive detecton of proprietary-license from proprietary-license_276.RULE #3355
Assignees
Labels
Comments
DennisClark
added
bug
license-review
|
You can find the scanned code here |
AyanSinhaMahapatra
added a commit
that referenced
this issue
Apr 26, 2023
These solve the following license detection bugs: * #3361 * #3360 * #3358 * #3355 Signed-off-by: Ayan Sinha Mahapatra <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Recent scans of pdfbox-2.0.24-sources.jar and pdfbox-2.0.24.jar returned a detection of proprietary-license from files DecodeOptions.java and DecodeOptions$FinalDecodeOptions.class on the string "may not be modified" which triggered the proprietary-license_276.RULE
That detection is much too aggressive, because in the context of the code, it was simply the generation of an error message (possibly when someone/something is trying to change a pdf). Here is one case in the code:
throw new UnsupportedOperationException(“This instance may not be modified.“)I am not exactly sure what the approach should be to address this, but I think it generally means that finding "may not be modified" probably means proprietary only in the context of a Notice file or code Comments, but it should not be triggered when that text appears in actual code.
The text was updated successfully, but these errors were encountered: