From 96a4d3077fc3c5cd0aae12ed3fa930773b653252 Mon Sep 17 00:00:00 2001
From: Spencer Schrock
Date: Wed, 5 Jun 2024 11:54:57 -0700
Subject: [PATCH 1/2] fix unlicense detection
The code previously had some special logic for handling the Unlicense SPDX identifier. While this worked for local file detection, it broke detection for SPDX identifiers provided by the forge. This change moves the logic to the part of the code concerned with local file detection, so both work now.
Signed-off-by: Spencer Schrock
---
 checks/raw/license.go | 44 ++++++++++++++++++--------------------------
 1 file changed, 18 insertions(+), 26 deletions(-)
diff --git a/checks/raw/license.go b/checks/raw/license.go
index 3e041c7e2a4..1b8ac6ac30b 100644
--- a/checks/raw/license.go
+++ b/checks/raw/license.go
@@ -160,17 +160,10 @@ func License(c *checker.CheckRequest) (checker.LicenseData, error) {
 // scorecard search stops at first candidate (isLicenseFile) license file found
 if path != (checker.LicenseFile{}) {
- //
- // now it is time to "map it back" in the case of the
- // Spdx Identifier for "UNLICENSE" which was mapped to "UN"
- // for the regex group match and this check.
- // grab what is needed before clobbering the Spdx Identifier
- // Aside from 'UN', these settings (Name, Key) match GH repo API
- // for when the Spdx Identifier cannot be determined.
 path.LicenseInformation.Name = fsfOsiApprovedLicenseCiMap[strings.ToUpper(path.LicenseInformation.SpdxID)].Name
- if strings.ToUpper(path.LicenseInformation.SpdxID) == "UN" {
- path.LicenseInformation.SpdxID = "UNLICENSE"
- } else if path.LicenseInformation.SpdxID == "" {
+ // these settings (Name, Key) match GH repo API
+ // for when the Spdx Identifier cannot be determined.
+ if path.LicenseInformation.SpdxID == "" {
 path.LicenseInformation.SpdxID = "NOASSERTION"
 path.LicenseInformation.Name = "Other"
 }
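Review bot: The lookup `fsfOsiApprovedLicenseCiMap[strings.ToUpper(path.LicenseInformation.SpdxID)].Name` yields a zero-value entry when the identifier is non-empty but absent from the map, so Name is left empty while only the empty-identifier case gets the `NOASSERTION`/`Other` fallback. Whether an unknown identifier can reach this point depends on the filename regex, which is not in the hunk; if it can, the comma-ok form makes the miss explicit: `entry, ok := fsfOsiApprovedLicenseCiMap[strings.ToUpper(path.LicenseInformation.SpdxID)]` followed by an `if !ok` branch that decides what to report. License continues past both ends of the hunk.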
@@ -226,19 +219,7 @@ func setCiMap() {
 defer ciMapMutex.Unlock()
 if len(fsfOsiApprovedLicenseCiMap) == 0 {
 for key, entry := range fsfOsiApprovedLicenseMap {
- // Special case, the unlicense, in the map is
- // called 'The Unlicense' with the Spdx id 'Unlicense'.
- // For the regex's 'un' will match the [pre|suf]Spdx
- // regex group (just as it would match '0BSD'), but
- // 'un' will not "hit" in the map with key 'Unlicense'
- // so change to 'UN' for 'unlicense' for 'isLicenseFile()'
- // TODO: make this general (pass a key map for changing these
- // special cases). For now this is the only one.
- if strings.ToUpper(key) == "UNLICENSE" {
- fsfOsiApprovedLicenseCiMap["UN"] = entry
- } else {
- fsfOsiApprovedLicenseCiMap[strings.ToUpper(key)] = entry
- }
+ fsfOsiApprovedLicenseCiMap[strings.ToUpper(key)] = entry
 }
 }
 }
@@ -261,12 +242,23 @@ func getSpdxID(matches []string) string {
 // value, preSpdx takes precedence.
 // (e.g., 0BSD-LICENSE-GPL-2.0.txt)
 // TODO: decide if that is OK or should "fail"
+ var id string
 if matches[reGroupIdxs["preSpdx"]] != "" {
- return matches[reGroupIdxs["preSpdx"]]
+ id = matches[reGroupIdxs["preSpdx"]]
 } else if matches[reGroupIdxs["sufSpdx"]] != "" {
- return matches[reGroupIdxs["sufSpdx"]]
+ id = matches[reGroupIdxs["sufSpdx"]]
 }
- return ""
+ // Special case, the unlicense, in the map is
+ // called 'The Unlicense' with the Spdx id 'Unlicense'.
+ // For the regex's 'un' will match the [pre|suf]Spdx
+ // regex group (just as it would match '0BSD'), but
+ // 'un' will not "hit" in the map with key 'Unlicense'
+ // so change to 'UN' for 'unlicense' for 'isLicenseFile()
+ if strings.EqualFold(id, "UN") {
+ id = "UNLICENSE"
+ }
+
+ return id
 }
 func getExt(filename string, matches []string) string {
From 2ea480f86b988d7d862449813b86d5f67bced2de Mon Sep 17 00:00:00 2001
From: Spencer Schrock
Date: Thu, 6 Jun 2024 10:46:40 -0700
Subject: [PATCH 2/2] remove part of comment which is no longer relevant
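Review bot: With the special-case comment removed, the loop in setCiMap no longer says why keys are upper-cased, and the fix relies on every reader of the map folding case the same way. I would add above the assignment `// keys are upper-cased for case-insensitive lookup; callers must strings.ToUpper the SPDX id before indexing`. The License hunk shows the local-file path doing this; the forge path is not visible here, so that caller is worth checking. setCiMap's first lines are outside the hunk.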
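Review bot: getSpdxID now rewrites a filename match of `UN` to `UNLICENSE`, which is upper-cased rather than the SPDX spelling `Unlicense` that the comment above it names as the map key. If the forge-supplied identifier arrives as `Unlicense`, the two detection paths would report different SpdxID strings for the same license, so consumers comparing the field exactly may disagree (inferred, the forge path is not in this hunk). The diffstat lists only checks/raw/license.go, so nothing pins the fix; a table test over `"UN"`, `"un"` and an unrelated id such as `"0BSD"` would cover the new branch. The function's opening lines are outside the hunk.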
Signed-off-by: Spencer Schrock
---
 checks/raw/license.go | 1 -
 1 file changed, 1 deletion(-)
diff --git a/checks/raw/license.go b/checks/raw/license.go
index 1b8ac6ac30b..af0f83d92fb 100644
--- a/checks/raw/license.go
+++ b/checks/raw/license.go
@@ -253,7 +253,6 @@ func getSpdxID(matches []string) string {
 // For the regex's 'un' will match the [pre|suf]Spdx
 // regex group (just as it would match '0BSD'), but
 // 'un' will not "hit" in the map with key 'Unlicense'
- // so change to 'UN' for 'unlicense' for 'isLicenseFile()
 if strings.EqualFold(id, "UN") {
 id = "UNLICENSE"
 }